Ranstop blocks Princess Locker v2 ransomware

/in , /by

Test subject – Princess Locker v2 ransomware

Princess Locker represents a relatively known type of ransomware which seems to have evolved from the same family as Alma Locker. It was first discovered in 2016 and a second version was released relatively recently, and it is very active at present.

Princess Locker ransomware test facts

The ransomware is distributed through various means like malicious sites which attempt to exploit vulnerabilities in Flash or Internet Explorer or malspam campaigns. Once it infects a computer, it encrypts most of the accessible files using a symmetric-key algorithm. The infected files are renamed using random extensions which are not the same on different machines. Princess also creates ransom notes in _THIS_TO_FIX_[identifier].txt or _THIS_TO_FIX_[ identifier].html files. Users are urged to open these files to find out the necessary information on how to decrypt the files. Typically, to decrypt the files, the user is asked to pay 0.06  – 0.18 BTC as a ransom.

The first version of Princess had flaws in the coding, which allowed security researchers to develop a decryptor which is available for free. Unfortunately, for the second version, there is no free decryptor available yet.

Princess Locker ransomware test results

TEMASOFT Ranstop detects this version of Princess Locker ransomware soon after it starts processing files. Upon detection, the user is alerted, and the malicious process is stopped and quarantined. The victim files are automatically restored so that the user doesn’t lose any valuable document.


Click here to watch TEMASOFT Ranstop in action against Princess Locker v2 ransomware (video)!

Learn how to protect against ransomware!

About TEMASOFT Ranstop

TEMASOFT Ranstop is an anti-ransomware software that detects present and future ransomware, based on file access pattern analysis with a high degree of accuracy. At the same time, it protects user files so that they can be restored in case of malware attacks or accidental loss.

For more information, follow us on social media and subscribe to our newsletter.


You might also like
Ranstop blocks Yatron ransomware
New variant of Petya ransomware attacks computers worldwide
Ranstop blocks Delphimorix ransomware
Ranstop blocks DBGer ransomware
Cerber ransomware evolves to steal passwords and Bitcoin wallets
Ransomware-as-a-service expected to highly increase the number of cyber criminals