Search
Keyword: ransom_cerber
rec.exe powershell.exe -win hidden -enc {encrypted string} It displays the following window as a ransom note: Ransomware Routine This Ransomware encrypts files with the following extensions: .jpg .jpeg
avast.exe Clicking the exit button on its UI will shutdown the system by executing the following command: shutdown -s -t 4 It displays the following UI as its ransom note: This ransomware does not encrypt
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be dropped by other malware. It requires its
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files found in specific folders. Arrival
encrypted files: .crypt It leaves text files that serve as ransom notes containing the following text: {Encrypted Directory}DECRYPT.txt TR/RedCap.hmjvh (Avira (no cloud)); Ransom:Win32/Kasitoo.A!rsm
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files found in specific folders. Arrival
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files found in specific folders. Arrival
= 1 Other Details This Ransomware does the following: It displays the following ransom screen: It displays the following upon successfully unlocking: The key for this ransomware is:
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files found in specific folders. Arrival
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files found in specific folders. Arrival
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Ransomware arrives on a system
.vmx .vsdx .vsv .work .xls .xlsx .xvd .zip NOTES: It drops the following ransom note named "README.txt" which contains the following: After rebooting the system, it then displays the following:
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Ransomware arrives on a system
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
fake lockscreen) as its ransom note: NOTES: This ransomware does not encrypt files. MSIL/LockScreen.TI trojan(Eset-NOD32);MSIL/LockScreen.TI!tr(Fortinet) Dropped by other malware, Downloaded from the
This Ransomware does the following: Displays a fake error message: Pings www.{BLOCKED}t6f090z5f5hf5h.com, terminates itself if successful Displays the following window as ransom note: Ransomware Routine
Displays the following window as ransom note: Password to decrypt files is THEDEVILKILLSYOU Ransomware Routine This Ransomware encrypts files found in the following folders: C:\Users It avoids encrypting
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a