| Anti
Virus Scans |
Protection and removal Warning Cryzip Trojan Virus |
Cryzip Trojan VirusFile name: This Trojan is usually downloaded from the Internet. It ZIP-compresses all files on any readable and writable drive with certain extension names, and password-protects them. In May 2005, a trojan called PGPcoder was discovered in the wild by Websense Security Labs. The trojan's purpose was to encrypt a user's files, then demand a ransom for their decryption. Although this scheme seemed novel, it is actually predated by over 15 years, by a similar scam in 1989. LURHQ's Threat Intelligence Group has now discovered a third such scheme involving ransomware which we are calling Cryzip Trojan Virus.Unlike PGPcoder, which used a custom encryption scheme (which was subsequently reverse-engineered by LURHQ), Cryzip Trojan Virus uses a commercial zip library in order to store files inside a password-protected zip. Although the zip encryption is stronger, a brute-force attack is still possible on the files, especially if one has a copy of the original file inside the zip.
|
TROJ_CRYZIP.A -vcmauth.dllFile DetailsFilename: vcmauth.dll Filesize: 1,191,936 bytes MD5: 86a48836bced8c4a0b59fca972800890 SHA1: 0b3a49b3172fc65db607fcb1b8029820ec11c5b6 Packer: none Compiler: Visual C++ 6.0 Compile Date: Thu Mar 2 18:11:02 2006 CME Number: none assigned Identifying Strings:
|
Latest Computer Viruses
|
|
|
|
|||