CIA Special Agent 767 Screen Locker
Posted: December 15, 2016
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 37 |
| First Seen: | December 15, 2016 |
|---|---|
| OS(es) Affected: | Windows |
The 'CIA Special Agent 767' Screen Locker is a variant of the 'M4N1F3STO Virus' Lockscreen, a Trojan that blocks your access to the desktop and other programs with a pop-up message. Like its previous version, the 'CIA Special Agent 767' Screen Locker uses misleading and fraudulent information to coerce any victims into paying a ransom. Following the instructions in this article and using anti-malware solutions for removing the 'CIA Special Agent 767' Screen Locker can unlock your computer for free.
A Special Agent on the Case of Your Computer
Although the technical simplicity of using threatening encryption attacks causes many threat actors to use it as a bargaining chip, some con artists prefer a 'bare minimum' approach. When they're uninterested in creating or renting the code for legitimate encryption payloads, they may use simpler attacks misleading the victim only into believing that their media is the subject of such an attack. The 'M4N1F3STO Virus' Lockscreen was one of the most recent campaigns in this style, but malware experts are observing a new follow-up, the 'CIA Special Agent 767' Screen Locker.
The 'CIA Special Agent 767' Screen Locker's payload consists of loading a no-border, pop-up Web page that it uses for blocking your whole screen. This page contains CIA referential graphics and a warning stating that documents and other files are under an encryption cipher. Through a built-in interface, it redirects the reader to a Bitcoin-purchasing website and a transfer process for paying a ransom to a Bitcoin wallet address. The message claims that the entity will deliver the 'decryption key' for restoring your data within twenty-four hours after the payment.
Although it doesn't use a timer, the Trojan also tries to encourage quick payouts by cautioning you that the ransom may increase over time, up to 500 USD.
The Real Secret of this Secret Agent Man
Like 'M4N1F3STO Virus' Lockscreen, malware experts confirm that the 'CIA Special Agent 767' Screen Locker doesn't include any encoding features. It also doesn't try to commit other forms of file damage, such as deleting Shadow Copies. The greatest danger a 'CIA Special Agent 767' Screen Locker infection represents to your PC is its window's capacity for blocking your access to other applications, although any threats installing it may include other attacks.
The 'CIA Special Agent 767' Screen Locker's threat actor chose to use the same unlocking password for this Trojan as malware experts confirmed with the previous Trojan. Entering 'suckmydicknigga' into the key field should remove the warning message. Although the 'CIA Special Agent 767' Screen Locker has no especial defenses against deletion, victims are recommended to use anti-malware products for removing the 'CIA Special Agent 767' Screen Locker due to the likelihood of other threats factoring into the compromise of your PC.
The 'CIA Special Agent 767' Screen Locker is most threatening for PC users who assume that any warning appearing on their screens is legitimate and they should follow it without any questions. The next time you see the 'CIA' on your computer, you may want to stop and check for red flags, like requests for an untraceable cryptocurrency, before you do whatever the message says.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:file.exe
File name: file.exeSize: 290.43 KB (290430 bytes)
MD5: 3c74f228af8d9bd3b329a59cfb45e112
Detection count: 20
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 15, 2016
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.