RCRU64勒索病毒家族详情

【家族名】
Win32/Ransom.RCRU64

[平台]   /   [主类型]  .  [家族名]
平台类型 :  Win32 Win64
威胁类型 : Ransom

【是否支持解密】
360解密大师：暂不支持
在线解密：暂不支持

【被加密文件】
被加密文件后缀格式： 修改文件后缀为. pbBk

【勒索提示信息】：
文件名：Read_Me!_.txt
文件内容 ：
-------------------------------------------------------------------------------
All Your Files Encrypted With Strongest Encryption Algorithm !

If You Really Need Your Files Please Send Us E-mail To Get Decryption Tools and Instructions

You Must Send Some Locked Files To Us For Decryption Test(Before Paying) !

If You Do Not E-mail Us And Do Not Need Your Files After A whlie Our Servers Will Remove Your Decrypion Keys From Servers !!!

Your Unique ID:  8CyjBu

Email Address: FilesRecoverEN@Gmail.com

Attention!!!

Subject Your Unique ID

Do Not Edit Or Rename Encrypted Files.

If You Do Not E-mail Us After 48 Hours Decryption Fee Will Double.

Do Not Try To Decrypt Files By Third-Party Or Data Recovery Softwares It May Damage Files.

In Case Of Trying To Decrypt Files With Third-Party Sofwares,This May Make The Decryption Harder So Prices Will Be Rise.
-------------------------------------------------------------------------------
【防护建议】
1.多台机器，不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性，并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制，并进行定期备份
4.定期检测系统和软件中的安全漏洞，及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括：
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件，并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件，如果已经被杀毒软件拦截查杀，不要添加信任继续运行。

All Your Files Encrypted And Sensitive Data Downloaded (Financial Documents,Contracts,Invoices etc.. ).


To Get Decryption Tools You Should Buy Our Decrption Tools And Then We Will Send You Decryption Tools And Delete Your Sensitive Data From Our Servers.

If Payment Is Not Made We have to Publish Your Sensitive Data If Necessary Sell Them And Send Them To Your Competitors And After A While Our Servers Will Remove Your Decrypion Keys From Servers.

Your Files Encrypted With Strongest Encryption Algorithm So Without Our Decryption Tools Nobody Can't Help You So Do Not Waste Your Time In Vain!

Your ID:  5G97Dk

Email Address: Nordteam@mail.ee

In Case Of Problem With First Email Write Us E-mail At : Nordtalk@tutanota.com

Send Your ID In Email And Check Spam Folder.

This Is Just Business To Get Benefits, If Do Not Contact Us After 48 Hours Decryption Price Will x2.


What Guarantee Do We Give You ?

You Should Send Some Encrypted Files To Us For Decryption Test.

----------------------------------------------------------------------

Attention!

Do Not Edit Or Rename Encrypted Files.

Do Not Try To Decrypt Files By Third-Party Or Data Recovery Softwares It May Damage Files.

In Case Of Trying To Decrypt Files With Third-Party Sofwares,This May Make The Decryption Harder So Prices Will Be Rise.

----------------------------------------------------------------------

How To Buy Bitcoin :

Buy Bitcoin Instructions At LocalBitcoins :

https://localbitcoins.com/guides/how-to-buy-bitcoins

Buy Bitcoin Instructions At Coindesk And Get More Info By Searching At Google :

https://www.coindesk.com/learn/how-can-i-buy-bitcoin/

All Your Files Encrypted And Sensitive Data Downloaded (Financial Documents,Contracts,Invoices etc.. ).


To Get Decryption Tools You Should Buy Our Decrption Tools And Then We Will Send You Decryption Tools And Delete Your Sensitive Data From Our Servers.

If Payment Is Not Made We have to Publish Your Sensitive Data If Necessary Sell Them And Send Them To Your Competitors And After A While Our Servers Will Remove Your Decrypion Keys From Servers.

Your Files Encrypted With Strongest Encryption Algorithm So Without Our Decryption Tools Nobody Can't Help You So Do Not Waste Your Time In Vain!

Your ID:  xxxxxx

Email Address: BluemanTeam@my.com

In Case Of Problem With First Email Write Us E-mail At : blueman5@tutanota.com

Send Your ID In Email And Check Spam Folder.

This Is Just Business To Get Benefits, If Do Not Contact Us After 48 Hours Decryption Price Will x2.


What Guarantee Do We Give You ?

You Should Send Some Encrypted Files To Us For Decryption Test.

----------------------------------------------------------------------

Attention!

Do Not Edit Or Rename Encrypted Files.

Do Not Try To Decrypt Files By Third-Party Or Data Recovery Softwares It May Damage Files.

In Case Of Trying To Decrypt Files With Third-Party Sofwares,This May Make The Decryption Harder So Prices Will Be Rise.

----------------------------------------------------------------------

How To Buy Bitcoin :

Buy Bitcoin Instructions At LocalBitcoins :

https://localbitcoins.com/guides/how-to-buy-bitcoins

Buy Bitcoin Instructions At Coindesk And Get More Info By Searching At Google :

https://www.coindesk.com/learn/how-can-i-buy-bitcoin/

All Your Files Encrypted And Sensitive Data Downloaded (Financial Documents,Contracts,Invoices etc.. ).


To Get Decryption Tools You Should Buy Our Decrption Tools And Then We Will Send You Decryption Tools And Delete Your Sensitive Data From Our Servers.

If Payment Is Not Made We have to Publish Your Sensitive Data If Necessary Sell Them And Send Them To Your Competitors And After A While Our Servers Will Remove Your Decrypion Keys From Servers.

Your Files Encrypted With Strongest Encryption Algorithm So Without Our Decryption Tools Nobody Can't Help You So Do Not Waste Your Time In Vain!

Your ID:  GD74ry

Email Address: backyourfiless@mailfence.com

In Case Of Problem With First Email Write Us E-mail At : backyourfiless@gmail.com

Send Your ID In Email And Check Spam Folder.

This Is Just Business To Get Benefits, If Do Not Contact Us After 48 Hours Decryption Price Will x2.


What Guarantee Do We Give You ?

You Should Send Some Encrypted Files To Us For Decryption Test.

----------------------------------------------------------------------

Attention!

Do Not Edit Or Rename Encrypted Files.

Do Not Try To Decrypt Files By Third-Party Or Data Recovery Softwares It May Damage Files.

In Case Of Trying To Decrypt Files With Third-Party Sofwares,This May Make The Decryption Harder So Prices Will Be Rise.

----------------------------------------------------------------------

How To Buy Bitcoin :

Buy Bitcoin Instructions At LocalBitcoins :

https://localbitcoins.com/guides/how-to-buy-bitcoins

Buy Bitcoin Instructions At Coindesk And Get More Info By Searching At Google :

https://www.coindesk.com/learn/how-can-i-buy-bitcoin/

All Your Files Encrypted And Sensitive Data Downloaded (Financial Documents,Contracts,Invoices etc.. ).


To Get Decryption Tools You Should Buy Our Decrption Tools And Then We Will Send You Decryption Tools And Delete Your Sensitive Data From Our Servers.

If Payment Is Not Made We have to Publish Your Sensitive Data If Necessary Sell Them And Send Them To Your Competitors And After A While Our Servers Will Remove Your Decrypion Keys From Servers.

Your Files Encrypted With Strongest Encryption Algorithm So Without Our Decryption Tools Nobody Can't Help You So Do Not Waste Your Time In Vain!

Your ID:  IB6Nwo

Email Address: nooli492@gmail.com

In Case Of Problem With First Email Write Us E-mail At : nooli492@cyberfear.com

Send Your ID In Email And Check Spam Folder.

This Is Just Business To Get Benefits, If Do Not Contact Us After 48 Hours Decryption Price Will x2.


What Guarantee Do We Give You ?

You Should Send Some Encrypted Files To Us For Decryption Test.

----------------------------------------------------------------------

Attention!

Do Not Edit Or Rename Encrypted Files.

Do Not Try To Decrypt Files By Third-Party Or Data Recovery Softwares It May Damage Files.

In Case Of Trying To Decrypt Files With Third-Party Sofwares,This May Make The Decryption Harder So Prices Will Be Rise.

----------------------------------------------------------------------

How To Buy Bitcoin :

Buy Bitcoin Instructions At LocalBitcoins :

https://localbitcoins.com/guides/how-to-buy-bitcoins

Buy Bitcoin Instructions At Coindesk And Get More Info By Searching At Google :

https://www.coindesk.com/learn/how-can-i-buy-bitcoin/

ATTENTION!
At the moment, your system is not protected.
We can fix itand restore files.
To get started, send a file to decrypt trial.
You can trust us after opening the test file.
To restore the system write to both : azadi33@smime.ninja and azadi33@keemail.me
Your Decryption ID: 4FC6718E700859F4

All Your Files Are Locked And Important Data Downloaded !


Your Files Are No Longer Accessible Don't Waste Your Time, Without Our Decryption Program Nobody Can't Help You .

If Payment Isn't Made After A While We Will Sell OR Publish Some Of Your Data At Telegram Channel @AresDatabase And Www.Breached.vc . You Don't Have Much Time!


Your ID : WPCQH

If You Want To Restore Them Email Us : LeakHub@Keemail.me

If You Do Not Receive A Response Within 24 Hours, Send A Message To Our Second Email : LeakHub@Mailfence.com

To Decrypt Your Files You Need Buy Our Special Decrypter In Bitcoin .

Every Day The Delay Increases The Price !! The Decryption Price Depends On How Fast You Write To Us Email.

We Deliver The Decryptor Immediately After Payment , Please Write Your System ID In The Subject Of Your E-mail.

What is the guarantee !

Before Payment You Can Send Some Files For Decryption Test.

If We Do Not Fulfill Our Obligations, No One Does Business With Us , Our Reputation Is Important To Us
It's Just Business To Get Benefits.

===============================================================================

Attention !

Do Not Rename,Modify Encrypted Files .

Do Not Try To Recover Files With Free Decryptors Or Third-Party Programs And Antivirus Solutions Because

It May Make Decryption Harder Or Destroy Your Files Forever !

===============================================================================

Buy Bitcoin !

https://www.kraken.com/learn/buy-bitcoin-btc

https://www.coinbase.com/how-to-buy/bitcoin



soms Center.mdf_[ID-WPCQH_Mail-LeakHub@Keemail.me].W1F

All Your Files Are Locked And Important Data Downloaded !


Your Files Are No Longer Accessible Don't Waste Your Time, Without Our Decryption Program Nobody Can't Help You .

If Payment Isn't Made After A While We Will Sell OR Publish Some Of Your Data At Telegram Channel @AresDatabase And Www.Breached.vc . You Don't Have Much Time!


Your ID : 2RBHN

If You Want To Restore Them Email Us : Helpadmin@mail.ee

If You Do Not Receive A Response Within 24 Hours, Send A Message To Our Second Email : Helpadmiin@tutanota.com

To Decrypt Your Files You Need Buy Our Special Decrypter In Bitcoin .

Every Day The Delay Increases The Price !! The Decryption Price Depends On How Fast You Write To Us Email.

We Deliver The Decryptor Immediately After Payment , Please Write Your System ID In The Subject Of Your E-mail.

What is the guarantee !

Before Payment You Can Send Some Files For Decryption Test.

If We Do Not Fulfill Our Obligations, No One Does Business With Us , Our Reputation Is Important To Us
It's Just Business To Get Benefits.

===============================================================================

Attention !

Do Not Rename,Modify Encrypted Files .

Do Not Try To Recover Files With Free Decryptors Or Third-Party Programs And Antivirus Solutions Because

It May Make Decryption Harder Or Destroy Your Files Forever !

===============================================================================

Buy Bitcoin !

https://www.kraken.com/learn/buy-bitcoin-btc

https://www.coinbase.com/how-to-buy/bitcoin

All Your Files Are Locked And Important Data Downloaded !


Your Files Are No Longer Accessible Don't Waste Your Time, Without Our Decryption Program Nobody Can't Help You .

If Payment Isn't Made After A While We Will Sell OR Publish Some Of Your Data . You Don't Have Much Time!


Your ID : xxxxx

If You Want To Restore Them Email Us : status.inbox1@gmail.com

If You Do Not Receive A Response Within 24 Hours, Send A Message To Our Second Email : status.inbox2@gmail.com

To Decrypt Your Files You Need Buy Our Special Decrypter In Bitcoin .

Every Day The Delay Increases The Price !! The Decryption Price Depends On How Fast You Write To Us Email.

We Deliver The Decryptor Immediately After Payment , Please Write Your System ID In The Subject Of Your E-mail.

What is the guarantee !

Before Payment You Can Send Some Files For Decryption Test.

If We Do Not Fulfill Our Obligations, No One Does Business With Us , Our Reputation Is Important To Us
It's Just Business To Get Benefits.

===============================================================================

Attention !

Do Not Rename,Modify Encrypted Files .

Do Not Try To Recover Files With Free Decryptors Or Third-Party Programs And Antivirus Solutions Because

It May Make Decryption Harder Or Destroy Your Files Forever !

===============================================================================

Buy Bitcoin !

https://www.kraken.com/learn/buy-bitcoin-btc

https://www.coinbase.com/how-to-buy/bitcoin

家族：RCRU64
被加密文件后缀:pbBk
黑客邮箱/Url：FilesRecoverEN@Gmail.com

家族：RCRU64
被加密文件后缀:F3xA
黑客邮箱/Url：andreihelp@cyberfear.com

家族：RCRU64
被加密文件后缀:Ngrt
黑客邮箱/Url：BluemanTeam@my.com

家族：RCRU64
被加密文件后缀:d7jl
黑客邮箱/Url：nooli492@gmail.com

家族：RCRU64
被加密文件后缀:sJx3
黑客邮箱/Url：selivrecovery@mail.ee

家族：RCRU64
被加密文件后缀:f51M
黑客邮箱/Url：Nordteam@mail.ee

家族：RCRU64
被加密文件后缀:1fyn
黑客邮箱/Url：backyourfiless@mailfence.com

家族：RCRU64
被加密文件后缀:HYDRA
黑客邮箱/Url：Ez.decrypt@msgsafe.io

家族：RCRU64
被加密文件后缀:DLM
黑客邮箱/Url：backshow@my.com

家族：RCRU64
被加密文件后缀:Mafer
黑客邮箱/Url：nooli492@gmail.com

家族：RCRU64
被加密文件后缀:Mafer
黑客邮箱/Url：nooli492@gmail.com

家族：RCRU64
被加密文件后缀:Mafer
黑客邮箱/Url：nooli492@cyberfear.com

家族：RCRU64
被加密文件后缀:TD1
黑客邮箱/Url：backshow@my.com

家族：RCRU64
被加密文件后缀:BTC
黑客邮箱/Url：azadi33@smime.ninja

家族：RCRU64
被加密文件后缀:W1F
黑客邮箱/Url：LeakHub@Keemail.me

家族：RCRU64
被加密文件后缀:W1F
黑客邮箱/Url：LeakHub@Keemail.me

家族：RCRU64
被加密文件后缀:W1F
黑客邮箱/Url：LeakHub@Mailfence.com

家族：RCRU64
被加密文件后缀:N6G
黑客邮箱/Url：RESTDB@my.com

家族：RCRU64
被加密文件后缀:XMB
黑客邮箱/Url：Helpadmin@mail.ee

家族：RCRU64
被加密文件后缀:CEH
黑客邮箱/Url：Helpadmin@mail.ee

All Your Files Are Locked And Important Data Downloaded !


Your Files Are No Longer Accessible Don't Waste Your Time, Without Our Decryption Program Nobody Can't Help You .

If Payment Isn't Made After A While We Will Sell OR Publish Some Of Your Data At Telegram Channel @AresDatabase And Www.Breached.vc . You Don't Have Much Time!


Your ID : BAC54

If You Want To Restore Them Email Us : dr.file2022@gmail.com

If You Do Not Receive A Response Within 24 Hours, Send A Message To Our Second Email : dr.files@onionmail.org

To Decrypt Your Files You Need Buy Our Special Decrypter In Bitcoin .

Every Day The Delay Increases The Price !! The Decryption Price Depends On How Fast You Write To Us Email.

We Deliver The Decryptor Immediately After Payment , Please Write Your System ID In The Subject Of Your E-mail.

What is the guarantee !

Before Payment You Can Send Some Files For Decryption Test.

If We Do Not Fulfill Our Obligations, No One Does Business With Us , Our Reputation Is Important To Us
It's Just Business To Get Benefits.

===============================================================================

Attention !

Do Not Rename,Modify Encrypted Files .

Do Not Try To Recover Files With Free Decryptors Or Third-Party Programs And Antivirus Solutions Because

It May Make Decryption Harder Or Destroy Your Files Forever !

===============================================================================

Buy Bitcoin !

https://www.kraken.com/learn/buy-bitcoin-btc

https://www.coinbase.com/how-to-buy/bitcoin

家族：RCRU64
被加密文件后缀:4MX
黑客邮箱/Url：whitehelper@skiff.com