Defend what you create

Other Resources

Zamknij

Library
My library

+ Add to library

Profile

Linux.Encoder.2

Added to Dr.Web virus database:2015-11-16
Virus description was added:2015-11-20

SHA1:

  • 14ffe3ef5ccfbbc9a03ebd67d70b7cbf521db3f2
  • 541966dd25ce48a8f54b270b9aed2fba3f021d29
  • 57cf90a1cea89e13c3fd625854dd6b81228796b9
  • aebb9bf852d848e22e8a7bba4d64874c7953460d
  • b45f8f33ff54ece377fad73a8f89857c2bc114ac

Encryption ransomware for Linux written in C using the OpenSSL library. In most ways, it is similar to Linux.Encoder.1. However, in this modification cybercriminals implemented some other features as well:

  1. Does not save access privileges in encrypted file headers.
  2. Employs another pseudorandom number generator.
  3. Instead of PolarSSL, uses the OpenSSL library.
  4. Encrypts files in the AES-OFB-128 mode with context reinitialization every 128 bytes, that is every 8 AES blocks.

Doctor Web security researchers have developed a new technique that, in most cases, can help decrypt files compromised by the malware.

News about the Trojan

Curing recommendations


Linux

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

One month (no registration) or three months (registration and renewal discount)

Download Dr.Web

Download by serial number

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2019

Doctor Web to rosyjski producent oprogramowania antywirusowego Dr.Web. Rozwijamy nasze produkty od 1992 roku.

125040, Rosja, Moskwa, 3. ulica Jamskiego Pola 2-12A