Android/Simplocker [Threat Name] go to Threat
Android/Simplocker.A [Threat Variant Name]
Available cleaner [Download Simplocker Decryptor ]
Category | trojan |
Size | 4917678 B |
Detection Android db version | 1675 |
Aliases | Android.Locker.2.origin (Dr.Web) |
Short description
Android/Simplocker.A is a trojan that encrypts files on local drives. The trojan collects various sensitive information. The trojan attempts to send gathered information to a remote machine.
Installation
The trojan must be downloaded and manually installed.
Information stealing
Android/Simplocker.A is a trojan that steals sensitive information.
The trojan collects the following information:
- IMEI number
- device model
- manufacturer of the product/hardware
- operating system version
The trojan attempts to send gathered information to a remote machine.
Other information
Android/Simplocker.A is a trojan that encrypts files on local drives.
The trojan displays the following message:
The trojan searches for files with the following file extensions:
- *.jpeg
- *.jpg
- *.png
- *.bmp
- *.gif
- *.doc
- *.docx
- *.txt
- *.avi
- *.kmv
- *.3gp
- *.mp4
The trojan encrypts the file content. The AES encryption algorithm is used.
The extension of the encrypted files is changed to:
- .enc
To decrypt files, the user is asked to send information/certain amount of money via the MoneXy payment service.
The trojan acquires data and commands from a remote computer or the Internet.
It communicates via the TOR anonymity network. The HTTP, HTTPS protocol is used. The trojan contains a list of (4) URLs.