
PadLock Screen Locker

Posted: December 22, 2016

Threat Metric

Threat Level: 8/10
Infected PCs: 80
First Seen: December 22, 2016
OS(es) Affected: Windows

The Padlock Screen Locker is a Trojan that pretends to delete the local files on your PC while also blocking the screen with its pop-up. While malware experts have yet to connect the Padlock Screen Locker with attempts at extortion, all victims should be cautious about any demands from this Trojan and use the recommended security steps for regaining access to the desktop. Once you disable its window, any anti-malware product should have minimal issues deleting the Padlock Screen Locker while scanning the computer.

The Screen Locker that Lies

In a time when more threatening software than ever is out in the wild with the ability to delete or encrypt your files, it can be easy to forget that not every Trojan does what it claims to do. The Padlock Screen Locker exemplifies how con artists are fully capable of lying about what their Trojans can do while also keeping the victim from debunking any assertions that they make.

The Padlock Screen Locker's payload consists of a full-screen, borderless pop-up that takes focus to keep itself in the foreground. Although the pop-up contains a message warning you that it's deleting your files, the Padlock Screen Locker currently includes no real file-deleting functions. Because malware experts also find no extortion or ransom-related elements in these samples, the Padlock Screen Locker may be a work in progress with more features to be added later. Consequently, the Padlock Screen Locker isn't classifiable as ransomware or a file-encrypting Trojan.

The only other content in the Padlock Screen Locker's window is a password field for unlocking your screen. Entering the 'ajVr/G\RJz0R' code, which is hard-coded into current versions of this threat, will close the window and allow you to regain access to other programs, as well as your Windows desktop.

The Frailty behind a Supposedly Impenetrable Padlock

Just like a rusty padlock can be surprisingly easy to open with brute force, the Padlock Screen Locker's payload includes multiple weaknesses that keep it from being an air-tight threat to your PC's accessibility. Along with the default password, which its threat actor may change later, the Padlock Screen Locker can also be circumvented through Safe Mode, a feature that prevents third-party programs from launching by default. If necessary, follow the recommendations for your operating system on accessing this feature as a second way of closing the lock-screen function.

File data on the Padlock Screen Locker indicates that it potentially uses fake Chrome browser updates or installers to circulate itself. Always verify your sources before installing new software and avoid all updates delivered through exploitable methods, such as unrepresentative domains, pop-ups or advertisement networks. Malware experts see good detection rates against the Padlock Screen Locker so far, meaning that many anti-malware programs should remove the Padlock Screen Locker before it locks your desktop.

While the Padlock Screen Locker doesn't leverage its deceit to collect money, new attacks may change this limitation of its behavior. Web surfers who download and open files incautiously should remember that both file information and pop-ups are capable of lying, forcing you to make judgment calls for the safety of your computer.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: file.exe
Size: 4.35 MB (4358144 bytes)
MD5: a9321e58fb43a2451a253e00cf078268
Detection count: 45
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 22, 2016