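This post was last edited by Potato on 2020-4-10 17:32
Ransomware family name: Eris ransomware family
Decryption supported: No
Details:
Encrypted files: ERIS
Encrypted file extension format:
Ransom note:
File name: @ READ ME TO RECOVER FILES @.txt
File contents: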
-------------------------------------------------------------------------------
*** ***
*** READ THIS FILE CAREFULLY TO RECOVERY YOUR FILES ***
*** ***
ALL OF YOUR FILES HAVE BEEN ENCRYPTED BY ERIS RANSOMWARE!
USING STRONG ENCRYPTION ALGORITHM.
Every your files encrypted with unique strong key using Salsa20 encryption algorithm:
https://en.wikipedia.org/wiki/Salsa20
Which is protected by RSA-1024 encryption algorithm:
https://en.wikipedia.org/wiki/RSA_(cryptosystem)
shadow copy, F8 or recuva and other recovery softwares cannot help you, but cause Irreparable damage to your files!
Technically no way to restore your files without our help.
we only accept cryptocurrency Bitcoin (BTC) as payment method! for cost of decryption service.
https://wikipedia.org/wiki/Cryptocurrency
https://wikipedia.org/wiki/Bitcoin
For speed and easily, please use localbitcoins website to purchase Bitcoin:
https://localbitcoins.com
* WE OFFER YOU 1 FREE FILE DECRYPTION (<1024 KB) WITHOUT ANY COST! TO TRUST OUR HONESTY BEFORE PAYMENT.
THE SIMPLE FILE MUST NOT BE ARCHIVED!
-----BEGIN ERIS IDENTIFICATION-----
-----END ERIS IDENTIFICATION-----
===========================================================================================================
(Decryption Instructions)
1. Send your ERIS IDENTIFICATION with one simple of your encrypted files (<1024 KB) to our email address:
Limaooo@cock.li
2. Wait for reply from us.
(usually in some hour)
3. Confirm your simple files are decrypted correct and ask us how to pay to decrypt all your files.
4. We will send you payment instructions in Bitcoin.
5. You made payment and send us TXID of Bitcoin transfer.
6. After we confirm the payment, you will soon get decryption package and everything back to normal.
* IN CASE OF FOLLOWING OUR INSTRUCTION,
FAST AND EASILY EVERYTHING IS BACK TO NORMAL LIKE THAT NEVER HAPPENED!
BUT IF YOU USE OTHER METHODS (THAT NEVER EVER HELPS) YOU JUST DESTROY EVERYTHING FOR GOODNESS!
BE A SMART AND SAVE YOUR FILES! NOT A FOOL!
===========================================================================================================
===============================
* DO NOT MODIFY ENCRYPTED FILES
* DO NOT MOVE ENCRYPTED FILES
* DO NOT USE RECOVERY SOFTWARES
===============================
=============================================================================================
(Frequently Asked Questions)
Q: I can not pay for it, what I do now?
A: Format your hard disk, re-install your softwares and start everything from begin!
Q: What a guarantee I can recovery my files after payment?
A: There is no any reason for us to do not give you decryption software and your special key.
The only our goal is help you not hurt!
=============================================================================================
-------------------------------------------------------------------------------
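Protection advice:
1. Do not use the same account and password across multiple machines.
2. Login passwords should be sufficiently long and complex, and should be changed regularly.
3. Shared folders holding important data should have access controls set and be backed up regularly.
4. Regularly check systems and software for security vulnerabilities and apply patches promptly.
5. Regularly check servers for anomalies. The review should cover:
a) whether any new accounts have been added
b) whether the Guest account has been enabled
c) whether the Windows system logs show anomalies
d) whether the antivirus software shows any abnormal interception events
6. Install security protection software and make sure it is running properly.
7. Download and install software from official channels.
8. For unfamiliar software, if antivirus software has already blocked or removed it, do not add it to the trust list and continue running it.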
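For incident scoping, the ransom note file name and the ERIS IDENTIFICATION markers quoted above can be used to find which directories were hit. The following is an added example, not part of the original post: the function names, the 1 MiB read limit, the assumption that the note is ASCII/UTF-8 text, and the sample tree are all constructed for illustration.

```python
import os
import tempfile

# Indicators taken from the ransom note quoted on this page.
NOTE_NAME = "@ READ ME TO RECOVER FILES @.txt"
BEGIN_MARK = "-----BEGIN ERIS IDENTIFICATION-----"
END_MARK = "-----END ERIS IDENTIFICATION-----"
MAX_NOTE_BYTES = 1024 * 1024  # assumption: read at most 1 MiB of any candidate


def classify_note(path):
    """'confirmed' if both markers appear in order, else 'name-only' or 'unreadable'."""
    try:
        with open(path, "rb") as fh:
            # Assumption: the note is ASCII/UTF-8; other encodings yield 'name-only'.
            text = fh.read(MAX_NOTE_BYTES).decode("utf-8", errors="replace")
    except OSError:
        return "unreadable"
    begin = text.find(BEGIN_MARK)
    end = text.find(END_MARK, begin + len(BEGIN_MARK)) if begin != -1 else -1
    return "confirmed" if end != -1 else "name-only"


def scan_tree(root):
    """Map each directory holding a note (case-insensitive name) to its verdict."""
    hits = {}
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            if name.casefold() == NOTE_NAME.casefold():
                hits[dirpath] = classify_note(os.path.join(dirpath, name))
    return hits


def build_sample_tree(root):
    """Constructed sample data: one marked note, one same-name decoy, one clean dir."""
    marked = BEGIN_MARK + "\nCONSTRUCTED-PLACEHOLDER-ID\n" + END_MARK + "\n"
    layout = {"finance": marked, "decoy": "file that only reuses the name\n"}
    for sub, body in layout.items():
        os.makedirs(os.path.join(root, "share", sub))
        with open(os.path.join(root, "share", sub, NOTE_NAME), "w") as fh:
            fh.write(body)
    os.makedirs(os.path.join(root, "share", "clean"))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for directory, verdict in sorted(scan_tree(tmp).items()):
            print(verdict, directory)
```

A "name-only" result means the file name matched but the markers were not found, so that file should be reviewed by hand before the directory is counted as affected.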