Dissecting a Metamorphic File-Infecting Ransomware presented at hackfest 2017

by Raul Alvarez,

Summary : Virlock is a polymorphic file-infecting ransomware. It is capable of infecting executable files and at the same time, hold your computer hostage.
Running a single infected file is a sure way of infecting your computer all over again. That is one of the main goals of Virlock. As a ransomware, the malware makes sure that you won’t be able to use your computer until you pay the ransom demand. And to make our lives, even harder, Virlock employs an on-demand polymorphic algorithm, where each and every copy of the infected executable file is different from each other. And there is more, Virlock is not only a polymorphic file-infecting ransomware. The initial set of the malware code is metamorphic in nature.