GPCoder.h

301 hits since 23 August 2007

This is a detection for a ransomware trojan. It encrypts files on the hard drive, creates a text file indicating what has happened, and gives email addresses to send the ransom money to.

Documents that it finds are encoded, and a text file named read_me.txt containing the following text is placed in the directory:

Hello,    your   files   are   encrypted   with   RSA-4096   algorithm
You  will  need  at least few years to decrypt these files without our
software.  All  your  private  information  for  last  3  months  were
collected and sent to us.
To decrypt your files you need to buy our software. The price is $300.
To  buy  our software please contact us at: %s and provide us
your  personal code %d. After successful purchase we will send
your  decrypting  tool,  and  your private information will be deleted
from our system.
If  you  will not contact us until 07/15/2007 your private information
will be shared and you will lost all your data.
Glamorous team.
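
A sweep for the note quoted above, as an added example that is not part of the original article: it walks a directory tree, checks each read_me.txt against phrases from the note with the padding whitespace collapsed, and extracts the contact address and personal code. The function names, the two-of-three phrase threshold, and the assumption that %s and %d are filled in with an address and a number are assumptions of this example.

```python
import os
import re

# Phrases taken from the note text quoted on this page, compared after
# whitespace is collapsed because the note is padded with extra spaces.
MARKERS = (
    "your files are encrypted with rsa-4096 algorithm",
    "to decrypt your files you need to buy our software",
    "glamorous team",
)
# Assumption: in a dropped note the %s and %d placeholders have been
# replaced by a contact address and a numeric personal code.
CONTACT_RE = re.compile(r"contact us at: (\S+) and provide us", re.I)
CODE_RE = re.compile(r"your personal code (\d+)\.", re.I)


def inspect_note(text):
    """Return extracted fields if text matches the note, else None."""
    flat = " ".join(text.split())          # undo the justified spacing
    lowered = flat.lower()
    if sum(marker in lowered for marker in MARKERS) < 2:
        return None                        # an ordinary read_me.txt
    contact = CONTACT_RE.search(flat)
    code = CODE_RE.search(flat)
    return {
        "contact": contact.group(1) if contact else None,
        "personal_code": int(code.group(1)) if code else None,
    }


def scan_tree(root):
    """Yield (directory, fields) for each matching read_me.txt under root."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() != "read_me.txt":
                continue
            try:
                with open(os.path.join(dirpath, name), errors="replace") as fh:
                    fields = inspect_note(fh.read(8192))
            except OSError:
                continue                   # unreadable file: keep sweeping
            if fields is not None:
                yield dirpath, fields
```

Each directory the sweep reports is one where the note was dropped, which gives a starting list of locations to check for encoded documents.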

Author: Tom Chambers. This article was last read on: 05 January 2009.