Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New Variant Of Randsomware Gpcode File Encryptor


  • Please log in to reply
5 replies to this topic

#1 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,139 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:34 PM

Posted 09 June 2008 - 09:01 AM

We've detected a new variant of Gpcode a dangerous file-encryptor. It encrypts a whole variety of user files, targeting files with extensions such as DOC, TXT, PDF, XLS, JPG, PNG, CPP, H etc...although we detect the virus itself, we can't currently decrypt files encrypted by Gpcode.ak the RSA encryption implemented in the malware uses a very strong, 1024 bit key...

Gpcode: the return of the file encryptor
Analyst's Diary
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)

 


#2 mas_pogi

mas_pogi

    Carpal Tunnel of Love


  • Members
  • 1,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tokyo, JP
  • Local time:09:34 PM

Posted 11 June 2008 - 09:59 AM

Nice article :thumbsup:

#3 mas_pogi

mas_pogi

    Carpal Tunnel of Love


  • Members
  • 1,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tokyo, JP
  • Local time:09:34 PM

Posted 17 June 2008 - 07:01 PM

hi.

I think they already found the antidote.

http://news.softpedia.com/news/1-024-Bit-E...ool-88213.shtml

But it should be 1024 bit not 1.024 bit :thumbsup:

Mark

Edited by mas_pogi, 17 June 2008 - 07:12 PM.


#4 nigglesnush85

nigglesnush85

  • Members
  • 4,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:34 AM

Posted 06 July 2008 - 07:48 PM

Kaspersky has found a way to recover the files... http://www.viruslist.com/en/viruses/encycl...sid=313444#doc2

I think the link mas_pogi provided beat them too it though.
Regards,

Alan.

#5 mas_pogi

mas_pogi

    Carpal Tunnel of Love


  • Members
  • 1,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tokyo, JP
  • Local time:09:34 PM

Posted 21 August 2008 - 01:23 AM

Another decryptor of Gpcode.

http://info.drweb.com/show/3495?lng=en




mp

#6 mov cx ax

mov cx ax

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Location:NYC
  • Local time:08:34 PM

Posted 27 November 2009 - 10:29 PM

RSA? This Virus Makes Your Pc A Wii!


Quick Someone get The Tweezers! :flowers: :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users