Ransom.Samas is Malwarebytes’ detection name for a family of ransomware applications also known as SamSam ransomware.
Affected systems may display ransome notes similar to this one, after all the files have been encrypted.
Ransom.Samas in general encrypts your files, then forces you to pay a ransom to get them back. The threat actors have been known to target cities and hospitals among others.
Ransom.Samas knows several variants, but most of them are spread by brute-forcing RDP endpoints.
Malwarebytes protects users from Ransom.Samas by using real-time protection.
Malwarebytes can detect and remove Ransom.Samas without further user interaction.
Take note, however, that removing this ransomware does not decrypt your files. You can only get your files back from backups you made before the infection happened.