Potato 发表于 2022-6-9 15:38

Pipikaki勒索病毒家族详情

【家族名】
Win32/Ransom.Pipikaki

[平台]   /   [主类型].[家族名]
平台类型 :Win32 Win64
威胁类型 : Ransom

【是否支持解密】
360解密大师:暂不支持
在线解密:暂不支持

【被加密文件】
被加密文件后缀格式: 修改文件后缀为.@Pipikaki

【勒索提示信息】:
文件名:WE CAN RECOVER YOUR DATA.txt
文件内容 :
-------------------------------------------------------------------------------
Hello my dear friend
Unfortunately for you, a major IT security weakness left you open to attack, your files have been encrypted
If you want to restore them,write to our skype - Pipikaki Decryption
Also you can write ICQ live chat which works 24/7 @PIPIKAKI
Install ICQ software on your PC https://icq.com/windows/ or on your mobile phone search in Appstore / Google market ICQ
Write to our ICQ @PIPIKAKI https://icq.im/PIPIKAKI
If we not reply in 6 hours you can write to our mail but use it only if previous methods not working - pipikaki@onionmail.org
Attention!
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* We are always ready to cooperate and find the best way to solve your problem.
* The faster you write, the more favorable the conditions will be for you.
* Our company values its reputation.We give all guarantees of your files decryption,such as test decryption some of them
We respect your time and waiting for respond from your side
tell your unique ID: 5391F333
Sensitive data on your system was DOWNLOADED.
If you DON'T WANT your sensitive data to be PUBLISHED you have to act quickly.
Data includes:
- Employees personal data, CVs, DL, SSN.
- Complete network map including credentials for local and remote services.
- Private financial information including: clients data, bills, budgets, annual reports, bank statements.
- Manufacturing documents including: datagrams, schemas, drawings in solidworks format
- And more...


-------------------------------------------------------------------------------
【防护建议】
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。

Potato 发表于 2022-6-9 15:41


                                                                                 Hello!
Can i Recover My Files? Sure. We guarantee that you can recover all of your files safely and easily! But You have to be fast!. How fast you will pay as fast all of your data will be back like before encryption.
To contact us:
Download the (Session) messenger (https://getsession.org) inmessenger : 052d67fed3cb--------------------192abdb255c11e442c5efa8af7a630bbc7578e79You have to add this Id and we will complete our converstion.
                                                             You have to pay for decryption in Bitcoin ONLY!
                                                                                 ATTENTION !!!

Your personal ID: --------

Do not rename encrypted files, do not try to decrypt your data using third party software, it may permanent data loss.

We have been in your network for a long time. We know everything about your company most of your information has already been downloaded to our server. We recommend you to do not waste your time if you dont wont we start 2nd part.

那一天_802 发表于 2022-6-24 08:27

我中了这个病毒怎么解决?

360fans_wap3188913756 发表于 2022-6-27 15:35

我也中了,很多资料都没了。。。
Hello my dear friend
Unfortunately for you, a major IT security weakness left you open to attack, your files have been encrypted
If you want to restore them,write to our : pipikaki@privatemail.com
Attention!
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* We are always ready to cooperate and find the best way to solve your problem.
* The faster you write, the more favorable the conditions will be for you.
* Our company values its reputation.We give all guarantees of your files decryption,such as test decryption some of them
We respect your time and waiting for respond from your side
tell your unique ID: v4+VcTzDrHpACx++ZFFSvWEqRGmr1aPNYM0ykmC2X7NXYyTIkFoQzLTjwCx97A13fObTtPnFrhReM7wjO9z5DGwnI/XfEJAWe4k0v6hqAckcFRJv2WI43pWe49MkuSyOcsfdYytMviHeHaZ8vTNaNMOIJA/BuZdIj/p97HXUUmDhK/1PzP3JG+cnMzb3B7l6UVGlA1p/fEPC7vy4kY4C9n21oj+gl7tTH6vD2tNYLmiNjHn6f82bTWo7tVC9UAqG5EcyPmKtWl1nzcBvjKqIctitFGNXXv9nXbViZQ/H+JzcHn+iNHZ1xwxdOIIr0x+x4aykZJ2bSrBpBwq5f+VvCEidAR/XdBXYDNyrjnMGyFRE/o1cLxNVtKo1yk7b85ERjz6IPS/fnj3lrO9wNLXEjHvmiRgOkg/ho4e7D8OVgr4wBeOYkudGlYhR8kzAdlCQOEXOhIXIgAJI+1XtsdrmyEufIwE6HJn7r/y/qtNiIX8bLb3eYZc0eu+oI3apc64pBm8BH9BefCfkIu+Wip5Glcg1GWvvccyj4xhlLsZce/fcbjz9Qp13WNlHnzHutAio5G/gS6PX74XEGVU6Cb1/UPF2nDNjlMxKbt6fFO8Jcrsjz4qJECjmuiYeh2B1TlJELRNvFK5dGfFFPs4JoHDKxBsBFN8AD2IF6dHbq/Uz9m8=
Sensitive data on your system was DOWNLOADED.
If you DON'T WANT your sensitive data to be PUBLISHED you have to act quickly.
Data includes:
- Employees personal data, CVs, DL, SSN.
- Complete network map including credentials for local and remote services.
- Private financial information including: clients data, bills, budgets, annual reports, bank statements.
- Manufacturing documents including: datagrams, schemas, drawings in solidworks format
- And more...
页: [1]
查看完整版本: Pipikaki勒索病毒家族详情