CryptoLocker Ransomware

actually morphiusz you are right. i ran it and it created a startup reg key but it never did anything.

does anyone have a working sample?

This is like the most talked about malware in how long? And yet it’s this hard to find a sample? I only found that one I PM’d you before… It’s a conspiracy! (joking)

its weird i know. thats the sample i used

How long did you wait after running cryptolocker? From what I can see on the internet it would take a while before the encryption starts, the files would also look the same but they would not open. You could try putting a word file in the documents folder and then running the malware, wait for a while and then try to open the word file, if it’s not encrypted then yeah the sample is probably useless. It could be because the malware seems to have hardcoded IP addresses and if I understand it correctly Cryptolocker first tries to communicate with this server, could be that they’ve changed the IP address since that sample and hence it doesn’t get any keys to encrypt with? But I don’t know… Just speculating here.

Edit: You could check post #4 in this thread: [u]http://malwaretips.com/Thread-Ransomware-email-attachment-demands-Bitcoin-payments?highlight=cryptolocker[/u]