SYMBOLCOMMON_NAMEaka. SYNONYMS
win.loochiper (Back to overview)

looChiper


LooChiper is a Ransomware. It uses a nice but scary name: LooCipher. The name is at the same time an allusion to its capabilities (thank to the term “Cipher”) and to the popular mythological figure, Lucifer. Despite its evocative nickname, the functionalities of this malware are pretty straight forward, not very different from those belonging to many other ransomware families.

References
2019-07-18Github (ZLab-Cybaze-Yoroi)ZLab-Cybaze-Yoroi
@online{zlabcybazeyoroi:20190718:zlab:b81caef, author = {ZLab-Cybaze-Yoroi}, title = {{ZLab - LooCipher Decryption Tool}}, date = {2019-07-18}, organization = {Github (ZLab-Cybaze-Yoroi)}, url = {https://github.com/ZLab-Cybaze-Yoroi/LooCipher_Decryption_Tool}, language = {English}, urldate = {2020-01-07} } ZLab - LooCipher Decryption Tool
looChiper
2019-07-13Marco Ramilli
@online{ramilli:20190713:free:8352c2a, author = {Marco Ramilli}, title = {{Free Tool: LooCipher Decryptor}}, date = {2019-07-13}, url = {https://marcoramilli.com/2019/07/13/free-tool-loocipher-decryptor/}, language = {English}, urldate = {2020-01-07} } Free Tool: LooCipher Decryptor
looChiper
2019-07-10FortinetJasper Manuel
@online{manuel:20190710:loocipher:279c185, author = {Jasper Manuel}, title = {{LooCipher: Can Encrypted Files Be Recovered From Hell?}}, date = {2019-07-10}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/loocipher-can-encrypted-files-be-recovered.html}, language = {English}, urldate = {2020-01-06} } LooCipher: Can Encrypted Files Be Recovered From Hell?
looChiper
2019-07-02YoroiAntonio Farina, Antonio Pirozzi, Luca Mella
@online{farina:20190702:loocipher:3ec598c, author = {Antonio Farina and Antonio Pirozzi and Luca Mella}, title = {{LooCipher: The New Infernal Ransomware}}, date = {2019-07-02}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/loocipher-the-new-infernal-ransomware/}, language = {English}, urldate = {2022-02-02} } LooCipher: The New Infernal Ransomware
looChiper

There is no Yara-Signature yet.