| Name | ZeroLocker |
| Type | Crypto Ransomware |
| Encryption Type | 160 bit AES encryption |
| Short Description | ZeroLocker usually encrypts the files in an infected system as any other ransomware and demands ransom for decrypting the encrypted files. |
| Symptoms | To the files it encrypts Zerolocker adds a .encrypt extension and it doesnpot encrypt file with more than 20MB File size, also those files located at directories with words such as WINDOWS, Desktop, Program Files. It starts its execution from C:\ZeroLocker\ZeroRescue.exe. |
| Distribution Method | Once the encryption is done, the malware runs the cipher.exe utility that removes all the unused data from the drive which makes the file recovery harder. Finaly the encryption key, along with the CRC32 and the related Bitcoin wallet is sent to the server. |
| Image |  |
| More Details | ZeroLocker takes in the methodoly followed in Cryptolocker for making payments quicker. For the first 72 hours the Ransom is about $200, if not paid the ransom is raised to $2,232. |