Common ransomware families and related indicators, collected as of April 2019:


Collected markers:


{[email protected]}MTP


{[email protected]}BJ


{[email protected]}AOL


{[email protected]}MGH


{[email protected]}CMG


{[email protected]}MG


{[email protected]}XX


Collected file suffixes:


.HRM .ITLOCK .rapid .master .Lock .sicck .lucky .satan .Boom .Indrik .aes256 .tunca .vacv2 .luudjvu .udjvu .udjvuq .satana .vulston .wq2k .nano .nostro .cryptoid .tfudet .Djvur .Djvuu .djvut .rumba .tfudeq .xcry7684 .gif .AUF .xyz GMPF .btc .obfuscated .GMBN .SPCT .CHRB .PLANT .PEDANT .xwx .USA .best .heets .qwex .air .888 .frend .amber .KARLS .healforyou .ANAMI .krab .cupcupcup .crash .GEFEST3 .secure .nosafe .pennywise .paycoin .adobe .rumba .cryptotes .STUB .locked .vaca .mbrcodes .mafee .Mcafee  .cosanostra .cripton .Jnec  .auchentoshan  .crypt_sherhagdomski@godzym_bid .Mr-X666 .{[email protected]}CMG  .azero .charcl .klopeh .doples .charck Kroput1 .jimm .crypted .UIK1J .enc_robbinhood .metan  .L1LL .prus .pulsar1 .kropun .promok .promorad2 .promored .dy8wud .crabs .SCR .NWA .com .evopro .yatron .jamper .p3rf0rm4 .GILLETTE .herbst .yum .a800 .bRcrypT .kroput .cbtl .FIT       {[email protected]}MTP .korea .kitty .promock .promorad .promoz _csp .jcry .plomb  .icp .Annabelle2 .AnnabelleCreate .Neptune .Target777 .SBLOCK .raldug .DLL .gropas .carcn .phoenix .yatron .btix .NGSC .major .ms13 .Recognizer .Horse4444 ._Crypted .roland .xLckr .securityP .SDEN .MDEN .Marozka .grovat .enc_robbinhood .stun .JLCW2! .rar .trosak .grovas .tronas .YYYYBJQOQDU .bk666 .encryptedALL .drume .locked .proden .chech .luceq .mira .luces


……


Phobos ransomware

Infection marker: <original file name>.ID-<random 8-character string>.<e-mail address>.Phobos

Ransom notes: Encrypted.txt Phobos.hta data.hta

Example: readme.txt.ID-16E86DC7.[[email protected]].phobos

Collected suffixes: [[email protected]].phobos


GANDCRAB ransomware

Versions: GANDCRAB V5.0.4 GANDCRAB V5.1 GANDCRAB V5.2

Infection marker: <original file name>.<random string>

Ransom notes: <random string>-DECRYPT.txt  <random string>-MANUAL.txt

Example: readme.txt


GlobeImposter 3.0 ransomware (the "Twelve ×××" virus)

Infection marker: <original file name>.XXXX4444

Ransom notes: how_to_back_files.txt how_to_back_files.html

Example: readme.txt.Monkey4444

Collected suffixes: .China4444 .Help4444 .Rat4444 .Ox4444 .Tiger4444 .Rabbit4444 .Dragon4444 .Snake4444 .Horse4444 .Goat4444 .Monkey4444 .Rooster4444 .Dog4444 .all4444 .Pig4444 .Alco4444 .Rat4444, etc.


Crysis (Dharma) ransomware

Infection marker: <original file name>.ID-<random 8-character string>.<e-mail address>.<marker suffix>

Ransom notes: FILES ENCRYPTED.txt data files encrypted.txt info.hta

Examples: readme.txt.ID-7DF81838.[[email protected]].btc readme.txt.id-F06E54C7.[[email protected]].ETH

Collected suffixes: .ETH .btc .adobe .bkpx .tron .bgtx .combo .gamma .block .bip .arrow .cesar .arena


CryptON (x3m) ransomware

Infection marker: <original file name>.<random string ID>.<e-mail address>.x3m

Ransom notes: DECRYPT-MY-FILES.txt HOW TO DECRYPT FILES.htm

Example: readme.txt.id16e86dc7[[email protected]].x3m

Collected suffixes: .x3m .nemesis .x3m-pro .X3M .mf8y3 .nem2end


PRCP (Matrix variant) ransomware

Infection marker: [e-mail address].<ciphertext 1>-<ciphertext 2>.PRCP

Ransom note: #README_PRCP#.rtf

Example: [[email protected]].A6QkjniCc-Plvdd5kn.PRCP

Collected suffixes: .PRCP


Clop ransomware

Infection marker: <original file name>.Clop

Ransom note: ClopReadMe.txt

Example: ReadMe.txt.Clop

Collected suffixes: .Clop


PyLocky ransomware

Infection marker: <original file name>.pyd

Ransom note: LOCKY_README.txt

Examples: ReadMe.txt.pyd ReadMe.txt.lockymap

Collected suffixes: .pyd .lockedfile .lockymap


 

