Showing posts with label Ransomware. Show all posts

Monday, July 15, 2019

Emsisoft Decrypter for Ims00rry

The Ims00rry ransomware encrypts files using AES-128, and does not add an extension. Instead, the text "---shlangan AES-256---" is prepended to the file contents. The victim is asked to contact the criminals on Telegram @Ims00rybot.

The ransom note "README" contains the following text:

I am sorry!!!

My friend. I want to start my own business, but i have no money.

All your files photos, databases, documents and other important are encrypted with strongest encryption and algorithms RSA 4096, AES-256.

If you want to restore your files payment and write to Telegram bot

Price decrypt software is $50.

Attention!!!

Do not rename or move the encrypted files.

Bitcoin wallet:

1tnZbveCXmqRS1gfZSxztG5MbdJhptaqu

Contact Telegram bot:

@Ims00rybot


Detailed usage guide

Download
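
Because Ims00rry adds no extension, affected files have to be found by content rather than by name. The script below is an added example, not code from Emsisoft or from this blog: it lists the files under a directory that start with the marker quoted above, oldest first, as an input list for recovery. It assumes the marker is stored as plain ASCII at byte offset 0; `scan` and `starts_with_marker` are names chosen for this example.

```python
import os
import sys
from datetime import datetime, timezone

# Marker text quoted in the post. Assumption: it is stored as plain ASCII
# starting at byte offset 0 of each encrypted file.
MARKER = b"---shlangan AES-256---"


def starts_with_marker(path, marker=MARKER):
    """Read only the first len(marker) bytes; unreadable files count as no match."""
    try:
        with open(path, "rb") as fh:
            return fh.read(len(marker)) == marker
    except OSError:
        return False


def scan(root):
    """Walk root without following symlinks and return (hits, scanned).

    hits is a list of (mtime_utc_iso, size_bytes, path) sorted oldest first,
    so the first entry approximates when encryption started.
    """
    hits, scanned = [], 0
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            scanned += 1
            if starts_with_marker(path):
                st = os.stat(path)
                ts = datetime.fromtimestamp(st.st_mtime, tz=timezone.utc)
                hits.append((ts.isoformat(timespec="seconds"), st.st_size, path))
    hits.sort()
    return hits, scanned


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    hits, scanned = scan(root)
    for ts, size, path in hits:
        print(f"{ts}\t{size}\t{path}")
    print(f"{len(hits)} of {scanned} files carry the marker", file=sys.stderr)
```

Run it against a read-only copy or image of the affected volume so the original timestamps stay intact.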

Sunday, July 7, 2019

Eris Ransomware



Virustotal

This is a new ransomware. The sample was allowed to run in a sandboxed environment. Encryption is fast: it encrypted almost all of my documents on drive C: in under a minute of the sample running.

Removal is easy: just do a full scan with an updated antivirus/antimalware program (refer to virustotal.com for the list of programs that can detect Eris ransomware).

Decryption is another story. Although I've seen many sites with instructions on how to decrypt Eris, I doubt that any of them really work.

Ransomware Readme

Documents encrypted by Eris Ransomware
Original document file size is reduced to zero bytes after encryption

Encrypted document

Notes:  

  • Ransomware sample is detected by Kaspersky Security Cloud.  Sample was tested with AV disabled
  • AppCheck wasn't able to detect the encryption
  • After the test, Recuva failed to recover any encrypted documents




Saturday, July 6, 2019

Free Ransomware Decryption Tools

Here is a list of ransomware decryption tools provided by antivirus developers.  It's sad that decryption tools can't keep pace with the growing number of ransomware.