Potato posted on 2020-10-12 18:34

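WoodRat Ransomware Family Details

Ransomware family name: WoodRat ransomware family
Decryption supported: No
Details:
Encrypted files:
Encrypted file extension format: the file extension is changed to woodrat

Ransom note:
File name: LOCKED_README.txt
File content: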
-------------------------------------------------------------------------------
Ooops, all your files are encrypted, that means you can't use them for a while!!!
They are not perpmanently lost, for there's a special key to get them back.
You can try all the ways you have to decrypted your files, but it's just a waste of time,
eventually you will know there's no other way but to contact us for help.
With our help, you could get your files back within a hour, but you need to follow the instructions below :

Send an email to the addr below :
woodratofficial@outlook.com

with content of :
*1 your "ID" & "BIT KEY" located in "LOCKED_README.txt"
*2 The amount of files encrypted and the finish time(I have ways to figure out the finish time, so think twice)

Then, there's two choices :
*1 pay us immediately, so we'll help you decrypt as soon as the payment was conformed
*2 wait for our reply(need a lot of time)
*the first method was recommended for you have limited amount of time
*if you'd like to test some files, you can send them to us via mail,but here's the limtation :
*quantity <= 4 and total file size <= 4mb

[*] send xmr to the addr below :
41k9ry6hQUZLJJd9ZEJpPVXNuUVjRNJGkPbroMfXJVf6DsqHfJ6Sro2LHJzr6wuvXwE5kS7c9Azni2F8srmGScU5Fzu9P2C
more detail about xmr purchasing, visit https://www.getmonero.org/ or just use search engine for 'buy xmr'
if you have future questions, it's welcome to send us a mail!


[*] here's the price, notice : you only have limited amount of time
=====================================================
= encrypted in 1-3 days   - 1.5 xmr to get decrypt=
= encrypted in 3-7 days   - 3 xmr to get decrypt    =
= encrypted in a month    - 10 xmr to get decrypt   =
= encrypted over a month- never get decrypt       =
=====================================================


哎呀,你所有文件都已加密,这意味着您暂时不能使用它们!!!
它们不会永久丢失,因为有一个特殊的钥匙可以将它们取回。
您可以尝试所有方法来解密文件,但这只是浪费时间,
最终,您将知道别无选择,只能与我们联系以寻求帮助。
在我们的帮助下,您可以在一小时内取回文件,但是您需要按照以下说明进行操作:

向下面的地址发送电子邮件:
woodratofficial@outlook.com

的内容为:
* 1您的 "ID" 和 "BIT KEY""LOCKED_README.txt"
* 2加密文件的数量和完成时间(我有办法计算出完成时间,所以请三思)

然后,有两个选择:
* 1 [推荐]立即付款给我们,因此我们会在付款成功后帮助您解密
* 2 等待我们的回复(需要很多时间)
* 建议您在时间有限的情况下使用第一种方法
* 如果您想测试某些文件,可以通过邮件将其发送给我们,但这是限制条件:
* 数量<= 4,文件总大小<= 4mb

[*] 将xmr发送到以下地址:
41k9ry6hQUZLJJd9ZEJpPVXNuUVjRNJGkPbroMfXJVf6DsqHfJ6Sro2LHJzr6wuvXwE5kS7c9Azni2F8srmGScU5Fzu9P2C
有关xmr购买的更多详细信息,请访问https://www.getmonero.org/或仅将搜索引擎用于'购买xmr'
如果您将来有疑问,欢迎给我们发送邮件!


[*]这是价格,请注意:您只有有限的时间
====================================
= 在1-3天内加密 -1.5 xmr以获取解密 =
= 在3-7天内加密 -3 xmr以获取解密   =
= 每月加密      -10 xmr以获取解密=
= 加密一个月    -永不解密          =
====================================


ID : Sd2TahNj7M4k8sElUyuy5A==


========start BIT KEY========
========end BIT KEY========
-------------------------------------------------------------------------------
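Protection recommendations:
1. Do not use the same account and password across multiple machines.
2. Login passwords should be sufficiently long and complex, and should be changed regularly.
3. Shared folders holding important data should have access controls set, and should be backed up regularly.
4. Regularly check the system and software for security vulnerabilities and apply patches promptly.
5. Regularly check servers for anomalies. The scope of the check includes:
a) whether any new accounts have been added
b) whether Guest has been enabled
c) whether the Windows system logs show anomalies
d) whether the antivirus software shows abnormal interception events
6. Install security protection software and make sure it is running normally.
7. Download and install software from official channels.
8. For unfamiliar software, if it has already been intercepted and removed by antivirus software, do not add it to the trust list and keep running it.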
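
An incident-scoping example, added here and not part of the original post: it walks a directory tree for the two indicators listed above (the woodrat extension and LOCKED_README.txt), counts affected files per directory, records the latest modification time, and reads the ID line from each note. The function names, the case-insensitive extension match and the sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

NOTE_NAME = "LOCKED_README.txt"   # ransom note file name given on this page
LOCKED_EXT = ".woodrat"           # extension given on this page
ID_RE = re.compile(r"^ID\s*:\s*(\S+)\s*$", re.MULTILINE)

def parse_note(text):
    """Extract the victim ID and check for the BIT KEY block markers."""
    m = ID_RE.search(text)
    has_key = "start BIT KEY" in text and "end BIT KEY" in text
    return {"id": m.group(1) if m else None, "has_bit_key": has_key}

def triage(root):
    """Count renamed files per directory, collect notes, track latest mtime."""
    report = {"encrypted": {}, "notes": [], "latest_mtime": None}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower().endswith(LOCKED_EXT):  # case-insensitive: assumption
                report["encrypted"][dirpath] = report["encrypted"].get(dirpath, 0) + 1
                mtime = os.path.getmtime(path)
                if report["latest_mtime"] is None or mtime > report["latest_mtime"]:
                    report["latest_mtime"] = mtime
            elif name == NOTE_NAME:
                with open(path, encoding="utf-8", errors="replace") as fh:
                    report["notes"].append((path, parse_note(fh.read())))
    return report

def build_sample(root):
    """Constructed sample tree: two renamed files, one clean file, one note."""
    os.makedirs(os.path.join(root, "share", "docs"))
    for rel in ("share/report.woodrat", "share/docs/budget.WOODRAT", "share/docs/ok.txt"):
        with open(os.path.join(root, *rel.split("/")), "w") as fh:
            fh.write("x")
    note = ("ID : CONSTRUCTED-ID-0001==\n\n========start BIT KEY========\n"
            "CONSTRUCTED\n========end BIT KEY========\n")
    with open(os.path.join(root, "share", NOTE_NAME), "w") as fh:
        fh.write(note)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        rep = triage(tmp)
        print("encrypted files:", sum(rep["encrypted"].values()))
        for path, info in rep["notes"]:
            print("note:", path, info)
```

The per-directory counts show which shares were reached, and the latest modification time gives an upper bound for the encryption window when building the incident timeline.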