I have a pc infection with a new ransomware.
no extension change on files, and apprears 2 files in all encrypted directories:
dateINFECCIONZ.txt
date000.KEY
dateNFECCIONZ.txt contains this text:
"
YourID: NUMBERS
PC: HOSTNAME
USER: USER
*********
Hi there
Your files are now encrypted. I have the key to decrypt them back.
I will give you a decrypter if you pay me. Email me at:
momsbestfriend@protonmail.com or torrenttracker@india.com
If you don't get a reply or if both emails die, then contact me using a guaranteed, foolproof Bitmessage:
download it form here https://github.com/mailchuck/PyBitmessage/releases/download/v0.5.8/Bitmessage-0.5.8.exe
Run it, click New Identity and then send me a message at BM-NBvzKEY8raDBKb9Gp1xZMRQpeU5svwg2
Just remember that Bitmessage is slow, it takes 5 minutes to send a message and 15 to get a reply.
Cheers
"
HOST
W7 Pro
EPO 5.02.188 (Combating Ransomware - Rev H in place)
VSE 8.8.0.1528 SP7
Engine 5800.7501
DAT 8141
Dont have any threat event and cant find any info about this.
Anyone have detect that or more info ?
Thanks.