Potato 发表于 2020-5-27 18:22

Scarab勒索病毒家族详情

勒索病毒家族名称:Scarab勒索病毒家族详情
是否支持解密:否
详情:
被加密文件:
被加密文件后缀格式: 文件后缀被修改为cov19

勒索提示信息:
文件名:TO RECOVER.TXT
文件内容 :
-------------------------------------------------------------------------------
Hello.
Many vulnerabilities detected on your server.
Because of this, all your files have been encrypted with the strongest encryption.
All attempts to decrypt files on their own will lead to data corruption.
Antivirus operation can permanently damage files.
Gather information about identifiers and send it by mail.
Remember that your keys are not stored for long and can be automatically deleted.
No data recovery company can recover it. Recovery company will be contacted by we on the indicated mail.
For information on decoding, please write to the e-mail FushenKingdee@protonmail.com
Your files are now encrypted!


Your personal identifier:
o4QAAAAAAADGe8HBFZSHE0QkCAR=AcvY3qN+z0kbGwE9HHZ2vTPbh7jKoK47h1p5e=RT9TY6kvNn=uMbd6eq+6Ii1z2g12fnjMjl
WBr1w6Kvdi3GL0xv0aSeLNotrZii9G3Nla6TDlxu2Xho=x9OVdlPbX+6Krq7NFn6pnJvaGJZBpvrSjX+o+=UO=9AvLnKTVuugKZl
AQASHuKwK6av4IaiXSsaQg=rl4AvAwe2d2NbzCwJi62tctSr7ZXti9Lwu8g8qDAicddtDINVvhu4PxdhAdSKV3OFXFpa=1sQRBPs
IXtTEzLL+kr6UDkUFZIWRq5Yyu9rhhwuf8ASMwcn05UGAfwOBdsgu9OH+fjB1xLaUIY2XtbPd7D3YX9djUttetAH4RqzPdNjzTQt
wDhgXT2=4cpKoY2BOExaEhUSM0eA6W=X2Cy424b3cOlYtwrolAan6AYR2UDaEdfuF6YD0Yl4L9CKSEk9vJbTGIfX6pqsa3u9TRP6
BMQ8E80kBjKrWqjLBKJshsQF4ZJQsgsRNpTxvywk1rv1TyahwZ0g8Oi3t0IQQtrs9blD83gL599HJPcbcqovoAaTs0dRJ8mTMCSa
bFAOasW1mCY5TPq0C2hn0BXVYlrhMBTOA4KiH0QZRzfziRyoPrkcKn+PAUsTm4DabCE3vMoPAS8QzcE7CPQrJvuQ60G5cMFPD2CY
lCcMdkZjoIdEcdfBySjLT5ATb4II7IsEziwE3kZfcDFE6BOsAjcy8gdiGF+L9HH4DzlZYH3vMJdUckkqzz4TZmY5G092cg+CcTmr
qVkWh06bO3c17m06HSkCFtbFQBdyyXEJ7PUhCls1QOGtR2I3


Now you should send us email with your personal identifier.
Contact us using this email address: FushenKingdee@protonmail.com

Free decryption as guarantee!
Before paying you can send us up to 3 files for free decryption.
The total size of files must be less than 5Mb (non archived), and files should not contain
valuable information (databases, backups, large excel sheets, etc.).

Attention!   
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* Decryption of your files with the help of third parties may cause increased price
   (they add their fee to our) or you can become a victim of a scam.       

-------------------------------------------------------------------------------
防护建议:
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。

Potato 发表于 2020-8-6 16:35

!!!!!YOUR FILES ENCRYPTED !!!!!

Your personal identifier
0520694260026635954484159812945805475451550496332108555847782619666224553663194891960594062777973443
9092994955571691232365854457562182183802622105194566211540773278709635990187659321376682636035563935
8808287723137724220379096562626763566947175390776184852837489985269543825770181937512814331580903529
6236709941107501749957420588010180137458597242565673571430877825756352546960447656551546086710515992
7734919412675028548558642315692937605731539536729587616863937808047276264767134634829558957702326304
9572879042681294880729024063525260582057339654291736704485380516994251966864264773107445572906981857
068192105015652092

Your documents, photos, databases, and other important data were encrypted.
Data recovery requires our decoder.
To receive the decoder, you should send an email to the email address

mortalis_certamen@aol.comormortalis_certamen@zoho.eu

In the letter, enter your personal

ID 0520694260026635954484159812945805475451550496332108555847782619666224553663194891960594062777973443
9092994955571691232365854457562182183802622105194566211540773278709635990187659321376682636035563935
8808287723137724220379096562626763566947175390776184852837489985269543825770181937512814331580903529
6236709941107501749957420588010180137458597242565673571430877825756352546960447656551546086710515992
7734919412675028548558642315692937605731539536729587616863937808047276264767134634829558957702326304
9572879042681294880729024063525260582057339654291736704485380516994251966864264773107445572906981857
068192105015652092

Attention!
?* Do not attempt to uninstall the program or run antivirus software
?* Attempts to decrypt files by themselves will result in the loss of your data
?* Decoders of other users are incompatible with your data, as each user
Unique encryption key

Potato 发表于 2020-8-6 16:35

ATTENTION!
At the moment, your system is not protected.
We can fix it and restore files.
To restore the system write to this address:
levandos@email.cz

Personal id:
69020000000000006DC34E6D1D92870D80300C0457727B97FD17E302421025CE375B718A34CF6AABBDB1AEE635BBB6F5F089
9D947657D6B37B1B9C2BA8E4E9B8BAE1EB724DAFF9DA8E474EC836A2674C6D1E7137772C5BF2F14C4FDF5E6546FA814AF99E
6576DB442A41312B3F792B06CA28EE94574374E3BBC17947DE3B11FB1A95AB665C1DB3895EB46972D77366CEA34689B1C1AE
6E8B4AC8CB1D2977B555F6BEDB3EB783F63B904E9B895D38E4C82D34DD362BE452D11D54D8D989E87CDD41D1EACAFE6D101E
83FBD9A21FF932DB4B142EA839201ED64E9A006403CB6448A634A43B6D44DE9088F0E88AC5BEFFD9E3AFC256CF731F985338
B60327E07BA29FC8BB2C5A6855170DEADC2720023BD4CA2AA3C3A3EF9F85877C2F7AC213B4B925541007E321C682D0685649
D9442674406661207101B9D45C98D3E2296798063DFE01

Potato 发表于 2020-8-6 16:49

Your personal identifier
2151461946139775083151075070683860384128503913403927205994089386328501975805775448197560921749063200
7350515014191833995546830025528110179125650892116456754815591297636115712281414630038595676899887587
2745364349310091856526138500704764386969446982859195060623604046645120462271012756349765998805479618
9068385595285833610718638334370986842126474116533336719383836749349585861560840510279811813123345145
3220121224939492643856930514031891152106533571808260706018914652095350203576490256118381059683072780
5257073788147949689898008436586656034174417965976062592177326107617779268954916183583316621775746642
235056985922957982

Here is our email Address : BM-2cSz97HV6KCdk8k41bGGmabXF1yBXUZmji@bitmessage.ch

Your files are encrypted because you don't give enough attention to the safety of your system.
To decrypt your data, you must to pay us. After payment we will send to you personal decoder.
We are not liars or cheaters. You pay - we help.
The more time you wait before you pay = the more expensive price. It's simple. Be reasonable.
Now the price is 2 bitcoin tomorrow 3 bitcoin. After 48 hours, the price will grow. Hurry up!


if you afraid - you can send FEW files for test decrypting.
we don't decrypt ".exe" files, databases, and backups for test(read: for free),
you can send another files like jpg pdf xls doc and other. Total max size of files is 5 mb.
but don't forget - time is running out.
Your wish to get test files don't affect on the discount time. Only send files via e-mail.

Potato 发表于 2020-8-6 16:57

YOUR FILES ARE ENCRYPTED!

Your personal ID
2977253494271726596709939438861684241467933938453992084633161523723120720101605582618344186096912900
2644035032322049082875408541554518704344490212257563475219303481147371815748438366136283784157809010
3948397258870959036480641715556130614034640777224691776593736283802403825424796610921492019844327426
2776371688075421500803687629558296032179075391183137749476710095982624133853664514447903001328689165
7622798451941324782687998419543836617834381308928677976288813455888154434687387025165032678887168946
6124294097657051936733377987580166736739948803583495711097179216791232286989336029242019616969211628
930916293208751244

All your files have been encrypted due to a security problem with your PC.
To restore all your files, you need a decryption.
If you want to restore them, write us to the e-mail makbigfast@india.com.
In a letter to send Your personal ID (see In the beginning of this document).
You have to pay for decryption in Bitcoins.
The price depends on how fast you write to us.
After payment we will send you the decryption tool that will decrypt all your files.
In the letter, you will receive instructions to decrypt your files!

In a response letter you will receive the address of Bitcoin-wallet, which is necessary to perform the transfer of funds.
HURRY! Your personal code for decryption stored with us only 72 HOURS!

Our tech support is available 24 \ 7
Do not delete: Your personal ID
Write on e-mail, we will help you!

Free decryption as guarantee
Before paying you can send to us up to 3 files for free decryption.
Please note that files must NOT contain valuable information and their total size must be less than 10Mb.
When the transfer is confirmed, you will receive interpreter files to your computer.
After start-interpreter program, all your files will be restored.

Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.
Do not attempt to remove the program or run the anti-virus tools
Attempts to self-decrypting files will result in the loss of your data
Decoders are not compatible with other users of your data, because each user's unique encryption key

Potato 发表于 2020-8-6 17:08

YOUR FILES ARE ENCRYPTED!

Your personal ID
5220198081113184569526065218803499925862792490209621005113708584178241127869498384414649891184352379
4500272689450153822864592559372748818871497544686439215241674339899966638057302694140724497565341590
2059828772833236984211433166955999212562824698403756573654328863034137686397160819543653022392930071
1580239372149584422328840169780001674942277284421144167943236806466043474645475444737670912294434559
6068565711390460009403229016399439788566552390086145917142659892496991921651911032305943434344078053
3791345085863814049587690246384106133084623630585405814724747545949868098675324866720674937364514746
550226827971200742

All your files have been encrypted due to a security problem with your PC.
To restore all your files, you need a decryption.
If you want to restore them, write us to the e-mail happydaayz@aol.com.
Or you can write us to the e-mail strongman@india.com.
In a letter to send Your personal ID (see In the beginning of this document).
You have to pay for decryption in Bitcoins.
The price depends on how fast you write to us.
After payment we will send you the decryption tool that will decrypt all your files.
In the letter, you will receive instructions to decrypt your files!

In a response letter you will receive the address of Bitcoin-wallet, which is necessary to perform the transfer of funds.
HURRY! Your personal code for decryption stored with us only 72 HOURS!

Our tech support is available 24 \ 7
Do not delete: Your personal ID
Write on e-mail, we will help you!

Free decryption as guarantee
Before paying you can send to us up to 3 files for free decryption.
Please note that files must NOT contain valuable information and their total size must be less than 10Mb.
When the transfer is confirmed, you will receive interpreter files to your computer.
After start-interpreter program, all your files will be restored.

Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.
Do not attempt to remove the program or run the anti-virus tools
Attempts to self-decrypting files will result in the loss of your data
Decoders are not compatible with other users of your data, because each user's unique encryption key

发表于 1970-1-1 08:00

发表于 1970-1-1 08:00

发表于 1970-1-1 08:00

发表于 1970-1-1 08:00

Potato 发表于 2020-5-28 10:39

家族:Scarab
特征数据:cashdashsentme@protonmail.com

Potato 发表于 2020-5-28 10:39

家族:Scarab
特征数据:HOW TO RECOVER ENCRYPTED FILES.TXT

Potato 发表于 2020-5-28 10:39

家族:Scarab
被加密文件后缀:one
黑客邮箱:OneWay@cock.li

Potato 发表于 2020-5-28 10:39

家族:Scarab
被加密文件后缀:cov19
黑客邮箱:FushenKingdee@protonmail.com

Potato 发表于 2020-5-28 10:39

家族:Scarab
特征数据:cov19

Potato 发表于 2020-5-28 10:39

家族:Scarab
特征数据:TO RECOVER.txt

Potato 发表于 2020-5-28 10:39

家族:Scarab
特征数据:Many vulnerabilities detected on your server.

Potato 发表于 2020-5-28 10:39

家族:Scarab
特征数据:scarry

Potato 发表于 2020-5-28 10:39

家族:Scarab
被加密文件后缀:scarry
黑客邮箱:scarry38@horsefucker.org

Potato 发表于 2020-5-28 10:39

家族:Scarab
特征数据:Trojan.Generic@ML.92

Potato 发表于 2020-5-28 10:39

家族:Scarab
被加密文件后缀:rbs
黑客邮箱:madeinussr@protonmail.com

Potato 发表于 2020-5-28 10:39

家族:Scarab
被加密文件后缀:ncov
黑客邮箱:ncov@cock.li

Potato 发表于 2020-5-28 10:39

家族:Scarab
被加密文件后缀:scarry
黑客邮箱:scarry5@horsefucker.org

Potato 发表于 2020-5-28 10:39

家族:Scarab
特征数据:inc_evilsi@protonmail.ch

Potato 发表于 2020-5-28 10:39

家族:Scarab
特征数据:FushenKingdee@protonmail.com

发表于 1970-1-1 08:00

发表于 1970-1-1 08:00

Potato 发表于 2020-6-2 16:40

家族:Scarab
特征数据:Ssimpotashka@gmail.com

Potato 发表于 2020-6-2 16:40

家族:Scarab
特征数据:hacker_decryption@protonmail.ch

发表于 1970-1-1 08:00

发表于 1970-1-1 08:00

发表于 1970-1-1 08:00

Potato 发表于 2020-6-2 18:59

家族:Scarab
特征数据:hacker_decryption@protonmail.ch

Potato 发表于 2020-6-2 18:59

家族:Scarab
特征数据:Ssimpotashka@gmail.com

Potato 发表于 2020-6-5 19:31

家族:Scarab
特征数据:coronavirus
页: [1] 2 3 4 5 6 7
查看完整版本: Scarab勒索病毒家族详情