CryLock is a malicious ransomware strain that encrypts victim files and demands ransom payment for decryption. First observed in the wild on April 1, 2020, this ransomware has been actively targeting systems worldwide.
Quick Facts
Ransomware Family
CryLock
First Seen
April 1, 2020
How CryLock Ransomware Works
Targeted Files
Full filename -> desktop.ini[reddragon3335799@protonmail.ch][sel3].[EDF8147C-62CC2057]
-> [grand@horsefucker.org][3326026783-1743397762].nbf
VERTICAL.BAR[hopeandhonest@smime.ninja].[1E3A69B7-1D530015]
File Encryption Patterns
CryLock modifies encrypted files using specific patterns to mark them as encrypted:
This CryLock ransomware analysis is part of Elastio's comprehensive ransomware detection database. Elastio provides advanced ransomware protection and recovery solutions, helping organizations defend against and recover from ransomware attacks like CryLock.