Ransom.CryptoMix

Description

CryptoMix (a combination of CryptXXX and CryptoWall) is a ransomware family that was first spotted in March 2016 and is still spreading via malicious spam campaigns and exploit kits (Nuclear, Neutrino, RIG).

Family

– CryptoMix
– CryptFile2
– CryptoShield
– Revenge
– Mole

Adds Extensions:

.WALLET, .rdmk, .lesli, .scl, .code, .rmd, .rscl., .CRYPTOSHIELD, .MOLE, .mole00, .mole02, .mole03, .AZER, .EXTE, .ZAYKA, .NOOB, .CK, .ZERO, .PIRATE, .OGONIA, .CNC, .ERROR

Ransom note:

HELP_YOUR_FILES.HTML, INSTRUCTION_FOR_HELPING_FILE_RECOVERY.TXT, HELP_YOUR_FILES.TXT, _HELP_INSTRUCTION.TXT

Protection:

Malwarebytes users are already protected against CryptoMix/MOLE ransomware thanks to our multi-layer defense. Sample: 1ce25f95f15f69760846eaf055c5d4d8

Screenshots

Malwarebytes Anti-Ransomware Detection
