Lockout Ransomware

Lockout Ransomware Description

Type: Trojan

The Lockout Ransomware is a ransomware Trojan that is being used to carry out attacks on computer users. The Lockout Ransomware is being distributed through the use of bogus email attachments that use social engineering techniques to trick computer users into downloading and executing a corrupted code onto their computers. The Lockout Ransomware seems to be mainly targeted towards small and medium sized businesses and tends to use social engineering tactics that involve faking email messages from employees within a particular company.

A Lockout Ransomware Infection Locks out Your Files

The Lockout Ransomware uses a combination of the AES and RSA encryptions to make its victims' files inaccessible. To do this, the Lockout Ransomware will encrypt the victim's files and refuse to release the decryption application until the victim pays a large ransom. The files that become encrypted by the Lockout Ransomware attack are marked with the file extension '.lockout,' making it simple to know which files have become affected by the Lockout Ransomware infection. The Lockout Ransomware will use the executable file 'c.exe' when carrying out an attack. The Lockout Ransomware is capable of encrypting numerous file types, including the following:

.3gp, .7z, .apk, .avi, .bmp, .cdr, .cer, .chm, .conf, .css, .csv, .dat, .db, .dbf, .djvu, .dbx, .docm, ,doc, .epub, .docx .fb2, .flv, .gif, .gz, .iso .ibooks, .jpeg, .jpg, .key, .mdb .md2, .mdf, .mht, .mobi .mhtm, .mkv, .mov, .mp3, .mp4, .mpg .mpeg, .pict, .pdf, .pps, .pkg, .png, .ppt .pptx, .ppsx, .psd, .rar, .rtf, .scr, .swf, .sav, .tiff, .tif, .tbl, .torrent, .txt, .vsd, .wmv, .xls, .xlsx, .xps, .xml, .ckp, .zip, .java, .py, .asm, .c, .cpp, .cs, .js, .php, .dacpac, .rbw, .rb, .mrg, .dcx, .db3, .sql, .sqlite3, .sqlite, .sqlitedb, .psd, .psp, .pdb, .dxf, .dwg, .drw, .casb, .ccp, .cal, .cmx, .cr2.

The Lockout Ransomware will display a ransom note and change the Windows Welcome Screen adding a text to this picture containing the Lockout Ransomware ransom note. The Lockout Ransomware also will change the Desktop wallpaper image and drop its ransom note in a text file named 'Payment-instructions.txt,' which will be opened by the default text editor on the infected computer. The Lockout Ransomware will display the following ransom note on the infected computer to demand that the victim pays the ransom amount to recover the affected files:

'Your Payment ID: [9 RANDOM CHARACTERS]
Contact bnd54@mail2tor.com with your Payment ID from above to get price and payment details for unique decryption software. Files are encrypted with RSA-2048 encryption, so the only way to recover your data is using our software. we will decrypt 1 file for you to show you will get all data back using our unlocker. Price will double in 3 days so don't delay!'

Dealing with a Lockout Ransomware Infection

PC security researchers strongly advise computer users to refrain from contacting the people responsible for the Lockout Ransomware attack. These extortionists are likely to ignore the ransom payment or even re-infect the victim's computer. Since it is not possible to restore files encrypted by the encryption methods deployed by the Lockout Ransomware, PC security researchers strongly advise computer users to take preventive measures to limit the damage that can be caused by the Lockout Ransomware and other ransomware Trojans.

There are several preventive measures computer users can take to limit the damage in a Lockout Ransomware attack. The single best preventive measure computer users can e is a reliable backup method. Having backup copies of files on an external memory device or the cloud can make computer users completely invulnerable to schemes like the Lockout Ransomware. This is because the ability to restore the affected files removes any leverage or power the con artists gain over the victim during the attack, removing any need the computer users might have to pay the ransom amount. In addition to file backups, PC security analysts advise the use of a reliable, fully updated anti-malware application.

Technical Information

File System Details

Lockout Ransomware creates the following file(s):
# File Name MD5 Detection Count
1 file.exe e3137275d9ef204209418b297d10e10c 2

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.