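This post was last edited by Potato on 2020-4-10 17:17
Related reading: MedusaLocker ransomware sample analysis (link).
Ransomware family name: MedusaLocker
Decryption supported: No
Details:
Encrypted files:
Extension appended to encrypted files: encrypted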
Ransom note:
File name: HOW_TO_RECOVER_DATA.html
File contents:
-------------------------------------------------------------------------------
All your data are encrypted!
What happened?
Your files are encrypted, and currently unavailable.
You can check it: all files on you computer has new expansion.
By the way, everything is possible to recover (restore), but you need to buy a unique decryptor.
Otherwise, you never cant return your data.
For purchasing a decryptor contact us by email:
Folieloi@protonmail.com
If you will get no answer within 24 hours contact us by our alternate emails:
Ctorsenoria@tutanota.com
What guarantees?
Its just a business. If we do not do our work and liabilities - nobody will not cooperate with us.
To verify the possibility of the recovery of your files we can decrypted 1 file for free.
Attach 1 file to the letter (no more than 10Mb). Indicate your personal ID on the letter:
Attention!
- Attempts of change files by yourself will result in a loose of data.
- Our e-mail can be blocked over time. Write now, loss of contact with us will result in a loose of data.
- Use any third party software for restoring your data or antivirus solutions will result in a loose of data.
- Decryptors of other users are unique and will not fit your files and use of those will result in a loose of data.
- If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key.
-------------------------------------------------------------------------------
Pop-up:
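Propagation:
This ransomware family began spreading in October 2019 and is currently delivered mainly by hand after attackers brute-force Remote Desktop passwords.
Remote Desktop protection recommendations:
1. Use a password 18 characters long that combines upper- and lower-case letters, symbols and digits, and ideally change it every three months.
2. Security Guard (卫士) currently supports weak-password protection on all systems except XP.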
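Protection recommendations:
1. Do not use the same account and password on multiple machines.
2. Login passwords must be sufficiently long and complex, and should be changed regularly.
3. Shared folders holding important data should have access controls set and be backed up regularly.
4. Regularly check the system and software for security vulnerabilities and apply patches promptly.
5. Regularly check servers for anomalies. The review should cover:
a) whether any new accounts have been added
b) whether the Guest account has been enabled
c) whether the Windows system logs show anomalies
d) whether the antivirus software shows abnormal interceptions
6. Install security software and make sure it is running properly.
7. Download and install software from legitimate sources.
8. If unfamiliar software has already been blocked or removed by antivirus software, do not add it to the trusted list and keep running it.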
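
An added Python example, not part of the original post: it applies the log review in item 5c to the propagation route described above by flagging a remote logon success that follows a burst of failed logons from the same source address. The CSV column names, the threshold, the time window and the sample rows are constructed assumptions; event IDs 4625/4624 and logon types 3 and 10 are the standard Windows values.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: Security-log logon events exported to CSV.
# The column names are assumptions for this example, not a fixed export format.
SAMPLE_CSV = """TimeCreated,EventId,LogonType,TargetUserName,IpAddress
2020-04-09T02:10:01,4625,10,admin,203.0.113.7
2020-04-09T02:10:05,4625,10,administrator,203.0.113.7
2020-04-09T02:10:09,4625,10,administrator,203.0.113.7
2020-04-09T02:10:14,4625,10,administrator,203.0.113.7
2020-04-09T02:10:20,4625,10,administrator,203.0.113.7
2020-04-09T02:10:26,4625,10,administrator,203.0.113.7
2020-04-09T02:11:30,4624,10,administrator,203.0.113.7
2020-04-09T09:00:02,4625,10,alice,192.0.2.20
2020-04-09T09:00:15,4624,10,alice,192.0.2.20
"""

FAILED, SUCCESS = 4625, 4624   # failed logon / successful logon
REMOTE_TYPES = {3, 10}         # 3 = network (RDP with NLA), 10 = RemoteInteractive


def find_bruteforce_then_login(csv_text, threshold=5, window=timedelta(minutes=10)):
    """Return (ip, user, time) for every successful remote logon that was
    preceded by at least `threshold` failures from the same IP inside `window`."""
    failures = defaultdict(list)   # source IP -> timestamps of failed logons
    hits = []
    rows = sorted(csv.DictReader(io.StringIO(csv_text)),
                  key=lambda r: r["TimeCreated"])
    for row in rows:
        if int(row["LogonType"]) not in REMOTE_TYPES:
            continue               # ignore console and service logons
        ts = datetime.fromisoformat(row["TimeCreated"])
        ip, event = row["IpAddress"], int(row["EventId"])
        if event == FAILED:
            failures[ip].append(ts)
        elif event == SUCCESS:
            recent = [t for t in failures[ip] if ts - t <= window]
            if len(recent) >= threshold:
                hits.append((ip, row["TargetUserName"], row["TimeCreated"]))
            failures[ip].clear()   # start a fresh count after a success
    return hits


if __name__ == "__main__":
    for ip, user, when in find_bruteforce_then_login(SAMPLE_CSV):
        print(f"{when}: {user} logged on from {ip} after repeated failures")
```

A hit means the account's password should be treated as compromised and the host reviewed against items 5a, 5b and 5d.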