
Windows Locker Ransomware Analysis

Published 29/01/2025 08:27 · Modified 29/01/2025 13:32


Essential information

Tags: 2025-01-29, ransomware, windows, locker
Related entities: 16 techniques (MITRE), 1 malware

Description

A new strain called '' has been identified, targeting victims by encrypting files and appending the .winlocker extension. Upon infection, it drops a ransom note named Readme.txt with instructions for contacting the attacker. Written in .NET, this sophisticated malware modifies registry keys for persistence, deletes shadow copies, and disables system defenses. It employs AES encryption with a 256-bit key, creates autorun entries, replicates onto removable drives, and disables Windows Defender and Task Manager. The generates a unique identifier for infected systems, retrieves the local IP address, and includes personalized details in the ransom note. It also modifies the desktop background as part of its psychological impact.
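The description above lists the observable traces a defender can look for: files renamed with the .winlocker extension, a Readme.txt ransom note, shadow-copy deletion, autorun persistence, and Windows Defender and Task Manager being disabled. The following is an added triage example (not code from the original entry or from any analysis it cites) that scans a directory tree for the extension and note file and flags constructed telemetry lines matching those behaviour categories. The specific command line and registry value names it matches (vssadmin delete shadows, DisableAntiSpyware, DisableTaskMgr, the CurrentVersion\Run key) are assumptions about how such actions commonly appear in endpoint telemetry; the entry itself only names the categories, not the exact keys.

```python
"""Defensive triage helpers for the .winlocker ransomware behaviours described above.

Added example, not code from the original page. The registry value names and
command lines in SUSPICIOUS_PATTERNS are assumptions about how the described
behaviour categories commonly show up in telemetry; the page names only the
extension, the note file name, AES-256 use and the categories of action.
"""
import os
import re
import tempfile
from pathlib import Path

RANSOM_EXTENSION = ".winlocker"   # stated on the page
RANSOM_NOTE_NAME = "readme.txt"   # stated on the page (compared case-insensitively)

# Assumed telemetry patterns (command line / registry paths) mapped to the
# behaviour categories the page describes. Dict order is the report order.
SUSPICIOUS_PATTERNS = {
    "shadow_copy_deletion": re.compile(r"vssadmin(\.exe)?\s+delete\s+shadows", re.I),
    "defender_disabled": re.compile(r"Windows Defender\\DisableAntiSpyware", re.I),
    "taskmgr_disabled": re.compile(r"Policies\\System\\DisableTaskMgr", re.I),
    "autorun_entry": re.compile(r"\\CurrentVersion\\Run\\", re.I),
}


def find_ransomware_artifacts(root):
    """Walk a directory tree; return (encrypted_files, ransom_notes) as sorted lists."""
    encrypted, notes = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if name.lower().endswith(RANSOM_EXTENSION):
                encrypted.append(full)
            elif name.lower() == RANSOM_NOTE_NAME:
                notes.append(full)
    return sorted(encrypted), sorted(notes)


def flag_events(lines):
    """Return (category, line) pairs for telemetry lines matching a suspicious pattern."""
    hits = []
    for line in lines:
        for category, pattern in SUSPICIOUS_PATTERNS.items():
            if pattern.search(line):
                hits.append((category, line.strip()))
    return hits


# Constructed sample telemetry (not real logs), one event per line.
SAMPLE_EVENTS = [
    "CommandLine: C:\\Windows\\System32\\vssadmin.exe delete shadows /all /quiet",
    "RegistryEvent: HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\DisableAntiSpyware = 1",
    "RegistryEvent: HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\DisableTaskMgr = 1",
    "RegistryEvent: HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\updater = C:\\Users\\x\\AppData\\Roaming\\svc.exe",
    "CommandLine: C:\\Windows\\System32\\notepad.exe C:\\Users\\x\\notes.txt",
]


def build_sample_tree():
    """Create a temporary directory with constructed files mimicking an affected share."""
    root = tempfile.mkdtemp(prefix="winlocker_demo_")
    docs = Path(root) / "Documents"
    docs.mkdir()
    (docs / "budget.xlsx.winlocker").write_bytes(b"\x00" * 16)   # constructed "encrypted" file
    (docs / "Readme.txt").write_text("constructed ransom note placeholder")
    (docs / "unaffected.docx").write_bytes(b"PK")                 # untouched file
    return root


if __name__ == "__main__":
    demo_root = build_sample_tree()
    enc, ransom_notes = find_ransomware_artifacts(demo_root)
    print(f"encrypted files: {len(enc)}, ransom notes: {len(ransom_notes)}")
    for cat, evt in flag_events(SAMPLE_EVENTS):
        print(f"[{cat}] {evt}")
```

Point find_ransomware_artifacts at a mounted share or a forensic image copy rather than the demo tree, and feed flag_events the command-line and registry fields exported from your endpoint telemetry; a hit on shadow_copy_deletion together with a fresh autorun entry is the combination worth paging on, since both happen before the note is written.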

External references