This trojan blocker ( MD5: 38af115d202a617751545b6e8923e5f3 ) prevents all software execution.
To remove the Trojan (and unlock windows), infected users need to enter a valid serial number.
According to VirusTotal this sample was detected by 3 AV: https://www.virustotal.com/file-scan/report.html?id=95a8113ff47c291e5fa47a9af1bd1cc257b21a9cc9a536dbda7702b679ea60c7-1303145080
Number to Call: 8-918-530-35-02
Code to unlock windows: 9100
This ransomware was also noticed here (18 Aug 2k10) ~ here (17 Dec 2k10) ~ here (27 Dec 2k10) ~ here (12 Jan 2k11) ~ here (14 Jan 2k11) ~ here (21 Jan 2k11) ~ here (23 Jan 2k11) ~ here (1 Feb 2k11) ~ here (3 Feb 2k11) ~ here (4 Feb 2k11) ~ here (4 Feb 2k11) ~ here (5 Feb 2k11) ~ here (7 Feb 2k11) ~ here (10 Feb 2k11) ~ here (12 Feb 2k11) ~ here (27 Feb 2k11) ~ here (10 Mar 2k11) ~ here (14 Mar 2k11) ~ here (14 Mar 2k11) ~ here (21 Mar 2k11)
If you have a trouble for typing the serial please follow this
Thanks to mrbelyash for the sample.
No comments:
Post a Comment