NailaoLocker (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.nailao_locker (Back to overview)

NailaoLocker

According to Orange Cybwerdefense, NailaoLocker is a ransomware using AES-256-CTR mode, which conveniently logs its encryption activities into a log file.

References

2025-02-20 ⋅ Orange Cyberdefense ⋅ Alexis Bonnefoi, Marine PICHON
Meet NailaoLocker: a ransomware distributed in Europe by ShadowPad and PlugX backdoors
NailaoLocker PlugX ShadowPad

2025-02-20 ⋅ Trend Micro ⋅ Daniel Lunghi
Updated Shadowpad Malware Leads to Ransomware Deployment
EvilExtractor NailaoLocker PlugX ShadowPad

2025-02-18 ⋅ Orange Cyberdefense ⋅ Alexis Bonnefoi, Marine PICHON
IOCs Green Nailao campaign (NailaoLocker, ShadowPad)
NailaoLocker PlugX ShadowPad

There is no Yara-Signature yet.

NailaoLocker Propose Change

References

NailaoLocker