Ransom.CryptoMix

Short bio

CryptoMix, a combination of CryptXXX and CryptoWall, is a ransomware family that is first spotted on March 2016 and is still spreading via malicious spam campaigns and exploit kits, such as Nuclear, Neutrino, and RIG.

Family

– CryptXXX
– CryptoWall

– CryptFile2
– CryptoShield
– Revenge
– Mole

Ransom file extensions

.AZER .MOLE .rmd
.CK .mole00 .rscl
.CNC .mole02 .scl
.code .mole03 .SHARK
.CRYPTOSHIELD .NOOB .WALLET
.ERROR .OGONIA .x1881
.EXTE .PIRATE .ZAYKA
.lesli .rdmk .ZERO

Ransom note files

  • _HELP_INSTRUCTION.TXT
  • HELP_YOUR_FILES.HTML
  • HELP_YOUR_FILES.TXT
  • INSTRUCTION_FOR_HELPING_FILE_RECOVERY.TXT

Remediation

Malwarebytes users are already protected against the CryptoMix/MOLE ransomware, thanks to our multi-layer defense.

Screenshots

Malwarebytes Anti-Ransomware Detection

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language