360工作人员-驱动哥 发表于 2019-8-14 16:31

Paradise勒索病毒家族

本帖最后由 Potato 于 2019-11-5 19:16 编辑

相关阅读:Paradise勒索病毒样本分析勒索病毒家族名字:Paradise
是否支持解密:否
详情:
被加密文件:文件后缀会被修改为NewCore



勒索提示信息:
文件名:-=###_INFO_you_FILE_###=-.txt
文件内容:
---------------------------------------------------------------------------------
All your files have been blocked for more information, please contact us by e-mail.

E-Mail: info_newcore@p-security.liand info_newcore@protonmail.com
You PC id: eBjN5z

The faster you contact us the faster we can help you.

勒索提示弹窗:
窗口名:info_newcore@p-security.li



sanmao 发表于 2019-8-16 15:02

您好,
我看您的说明中【是否支持解密:否】,这个病毒还有等待解密文件的必要吗?
再次感谢您!

360fans_jVEArR 发表于 2019-8-23 20:01

您好我也中了NewCore病毒,请问可以解密了吗

Potato 发表于 2019-11-5 19:00


家族:Paradise
黑客邮箱:
被加密文件后缀:b29

勒索提示信息:
---------------------------------------------------------------------------------
Your files are encrypted!

Paradise Ransomware Team!


Your personal ID
vN6YLGIr

Your personal KEY you can find in file %AppData%/DP/DecryptionInfo.dp



WHAT HAPPENED!
•Your important files produced on this computer have been encrypted due a security problem.
•If you want to restore them, write to us by email.
•You have to pay for decryption in Bitcoins. The price depends on how fast you write to us.
•After payment we will send you the decryption tool that will decrypt all your files.


FREE DECRYPTION AS GUARANTEE!
•Before payment you can send us 1-3 files for free decryption.
•Please note that files must NOT contain valuable information.
•The file size should not exceed 1MB.
•As evidence, we can decrypt one file


HOW TO OBTAIN BITCOINS!
•The easiest way to buy bitcoin is LocalBitcoins site.
•You have to register, click Buy bitcoins and select the seller by payment method and price
•https://localbitcoins.com/buy_bitcoins/
•Also you can find other places to buy Bitcoins and beginners guide here:
•http://www.coindesk.com/information/how-can-i-buy-bitcoins/
•write to Google how to buy Bitcoin in your country?


Contact!
•e-mail:
•or
•e-mail:



Attention!
•Do not rename encrypted files
•Do not try to decrypt your data using third party software, it may cause permanent data loss
•You are guaranteed to get the decryptor after payment
•As evidence, we can decrypt one file
•Do not attempt to use the antivirus or uninstall the program
•This will lead to your data loss and unrecoverable
•Decoders of other users is not suitable to decrypt your files - encryption key is unique

---------------------------------------------------------------------------------

Potato 发表于 2019-11-7 14:49

家族:Paradise勒索病毒家族
黑客邮箱:opensafezona@cock.li
被加密文件后缀:safe
勒索提示信息文件名:_BACK_FILES__.html
页: [1]
查看完整版本: Paradise勒索病毒家族