Trojan.Ransomlock.S
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 10,148 |
| Threat Level: | 90 % (High) |
| Infected Computers: | 212 |
| First Seen: | October 3, 2012 |
| Last Seen: | December 9, 2025 |
| OS(es) Affected: | Windows |
Trojan.Ransomlock.S is a Trojan that locks the compromised PC and does not let the PC owner to use the machine. Trojan.Ransomlock.S asks the victim to pay the so-called fine to unlock the computer. While being run, Trojan.Ransomlock.S copies itself to the specific location of the targeted computer system. Trojan.Ransomlock.S creates the particular registry entry, which allows it to load automatically whenever you boot up Windows. After the computer is locked, Trojan.Ransomlock.S shows a bogus notification warning PC users of the violation of the certain copyright law and asks to make an online transaction of $200 via a MoneyPak.
Table of Contents
Aliases
15 security vendors flagged this file as malicious.
| Antivirus Vendor | Detection |
|---|---|
| Panda | Trj/CI.A |
| AVG | Agent_r.BPD |
| Fortinet | W32/Kryptik.AMPM!tr |
| Ikarus | Worm.Win32.Cridex |
| AhnLab-V3 | Trojan/Win32.PornoAsset |
| McAfee-GW-Edition | Heuristic.BehavesLike.Win32.Suspicious-BAY.K |
| AntiVir | TR/Graftor.4485979 |
| Comodo | TrojWare.Win32.Kryptik.NEGB |
| Sophos | Mal/ZboCheMan-D |
| Kaspersky | Trojan-Ransom.Win32.PornoAsset.afhx |
| Avast | Win32:Kryptik-KGB [Trj] |
| Symantec | Trojan.Ransomlock.S |
| F-Prot | W32/Falab.F18.gen!Eldorado |
| K7AntiVirus | Trojan |
| McAfee | PWS-Zbot.gen.als |
Analysis Report
General information
| Family Name: | Trojan.PeEncrypt.A |
|---|---|
| Packers: | UPX |
| Signature status: | No Signature |
Known Samples
Known Samples
This section lists other file samples believed to be associated with this family.|
MD5:
218d7d889437018974189415c2ff7c1c
SHA1:
1c173223aac43ea988dd5388de7b07b4fdc8f8f8
SHA256:
63D0A11106B1DEB9D775E74C43124D88DB573C1FF4045F4FEB1E2EF159C00627
File Size:
51.05 KB, 51052 bytes
|
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have relocations information
- File doesn't have security information
- File has been packed
- File has TLS information
- File is 32-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
Show More
- File is Native application (NOT .NET application)
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Traits
- .UPX
- 2+ executable sections
- HighEntropy
- No Version Info
- packed
- x86
Block Information
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.| Total Blocks: | 2 |
|---|---|
| Potentially Malicious Blocks: | 2 |
| Whitelisted Blocks: | 0 |
| Unknown Blocks: | 0 |
Visual Map
x
x
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block
? - Unknown Block
x - Potentially Malicious Block
Similar Families
Similar Families
This section lists other families that share similarities with this family, based on EnigmaSoft’s analysis. Many malware families are created from the same malware toolkits and use the same packing and encryption techniques but uniquely extend functionality. Similar families may also share source code, attributes, icons, subcomponents, compromised and/or invalid digital signatures, and network characteristics. Researchers leverage these similarities to rapidly and effectively triage file samples and extend malware detection rules.- Soltern.E
Files Modified
Files Modified
This section lists files that were created, modified, moved and/or deleted by samples in this family. File system activity can provide valuable insight into how malware functions on the operating system.| File | Attributes |
|---|---|
| c:\my downloads | Synchronize,Write Attributes |
| c:\my downloads\aikaquest3hentai crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\aikaquest3hentai crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\aikaquest3hentai key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\aikaquest3hentai key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\aim account stealer key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\aim account stealer key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\austerlitz napoleons greatest victory key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\austerlitz napoleons greatest victory key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\borland delphi 6 patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
Show More
| c:\my downloads\borland delphi 6 patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\civilization 3 full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\civilization 3 full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\civilization 3 patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\civilization 3 patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\cky3 - bam margera world industries alien workshop full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\cky3 - bam margera world industries alien workshop full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\cky3 - bam margera world industries alien workshop iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\cky3 - bam margera world industries alien workshop iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\deadly dozen full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\deadly dozen full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\dsl modem uncapper key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\dsl modem uncapper key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\duke nukem manhattan project full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\duke nukem manhattan project full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\duke nukem manhattan project patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\duke nukem manhattan project patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\dweebs 2 iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\dweebs 2 iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\empire earth full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\empire earth full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\free virus removal toop from symantec iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\free virus removal toop from symantec iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\grand prix 4 iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\grand prix 4 iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\gta3 iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\gta3 iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\half life blue shift iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\half life blue shift iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\half-life online key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\half-life online key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\hoyle card games 2003 full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\hoyle card games 2003 full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\industry giant 2 crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\industry giant 2 crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\industry giant 2 patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\industry giant 2 patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\kazaa spyware remover patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\kazaa spyware remover patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\lordoftheringsr patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\lordoftheringsr patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\macromedia flash 5.0 iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\macromedia flash 5.0 iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\mafia crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\mafia crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\microsoft office xp (english) full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\microsoft office xp (english) full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\moviezchannelsinstaler crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\moviezchannelsinstaler crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\moviezchannelsinstaler full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\moviezchannelsinstaler full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\moviezchannelsinstaler iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\moviezchannelsinstaler iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\ms train simulator patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\ms train simulator patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\nero burning rom 5.8.0.1 full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\nero burning rom 5.8.0.1 full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\quake 4 beta key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\quake 4 beta key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\soldiers of anarchy key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\soldiers of anarchy key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\squad battles eagles strike full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\squad battles eagles strike full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\star wars ii movie key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\star wars ii movie key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\strike fighter project 1 patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\strike fighter project 1 patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\stronghold crusader full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\stronghold crusader full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\stronghold crusader iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\stronghold crusader iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\the neverending story part i patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\the neverending story part i patch.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\valhalla chronicles full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\valhalla chronicles full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\warcraft 3 crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\warcraft 3 crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\warcraft 3 full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\warcraft 3 full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\windows xp key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\windows xp key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\winrar 3.2 iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\winrar 3.2 iso - full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\winzip 8.0 key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\winzip 8.0 key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\zidane-screeninstaler key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\zidane-screeninstaler key generator.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\zonealarm firewall crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\zonealarm firewall crack.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
| c:\my downloads\zonealarm firewall full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data |
| c:\my downloads\zonealarm firewall full downloader.exe | Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144 |
