【家族名】
Win32/Ransom.Bash
[平台] / [主类型] . [家族名]
平台类型 : Win32 Win64
威胁类型 : Ransom
【是否支持解密】
360解密大师:暂不支持
在线解密:暂不支持
【被加密文件】
修改文件后缀为
【勒索提示信息】:
文件名:bashred-reAdmE.txt
文件内容
--------------------------------------------------------------------------------------------------------------------------------------------------------------
!!!ATTENTION!!!
Your Files Have Been Encrypted By Bash Ransomware (v2.0)!
Your Downloads, Documents, Desktop, Videos, etc.
We Understand That This Is A Scary Situation For You. But We Are Confident That If You Are Willing
To Cooperate With Us. We Can Work Towards A Reasonable Outcome.
COMMONLY ASKED QUESTIONS.
--------------------------
What Happened To My Files?
---------------------------
Your Files Have Been Encrypted Using The AES-256 Encryption Algorithm. RSA-2048 Was Also Used
To Encrypt The AES Encryption And Decryption Keys.
The Only Way Possable To Restore Your Files Is With The Unique, RSA Private Key That Was Generated Specifically
For This Ransomware. As Well As Its Corresponding Decryption Software.
In Order To Obtain Them, You Must Pay A Reasonable Fee.
How Do I Pay?
--------------
In Order To Pay The Fee, You Must First Download The TOR Browser At https://torproject.org/
After Installing The Browser.
Please Visit One Of Our Darknet Sites Listed Below:
https://bashre3xg5uzq9vctnpw4h6x ... wzheoyad.onion/USHS
https://bashre7tzkxq1wmjrvu9l8hf ... vudjowid.onion/OOSS
https://bashrexz2lk93wbp1hdtyc8g ... m3sykqmd.onion/LDMF
https://bashre5vpyltnkdro3a8w9sq ... pzdlq7ud.onion/INVB
https://bashre2mdz67ynok8txgpr13 ... rwoslazd.onion/VRRS
Once Your Connected To Our Servers, Enter You Own Personal ID Listed Below.
You Will Then Be Taken Through The Payment Process.
Your Personal ID: yM7qfBZH4t1pXKGEnOdsJVaRPl6czYxoQNb5F3WCT9ULvkmDrAehgiM8w20jISnXYufbzqT7LcR5aOdg1NHKVW9EmyMPXsJ0vAok2tBYUiG34FnhqrxleZCwDSpLmuF8JbMTO7kQyNdXRWaV6GiEpHlUsv53LKnYZtwc29omJIf1gQBFeTxUPrNsh0ALzdCvMR8EKWyj7aJgHQfdYbVXWlNeqSuoPL4tcmRgM3x9iTF2kDZ
Once Payment Has Been Verified, You Will Be Sent A Copy Of The Private RSA Key And The Decryptor From Our Email Address At:
bashID72@protonmail.com
-------------------------------
WARNING!
DO NOT MODIFY, RENAME Or Attempt Decryption With Third-Party Software, It Will Not Work And May Render Decryption Impossable!
-------------------
We Look Foward To Finding A Common Ground.
Thank You
Version:(BashRed-2.0-213)
--------------------------------------------------------------------------------------------------------------------------------------------------------------
修改桌面显示:
【防护建议】
1.多台机器,不要使用相同的账号和口令
2.登录口令要有足够的长度和复杂性,并定期更换登录口令
3.重要资料的共享文件夹应设置访问权限控制,并进行定期备份
4.定期检测系统和软件中的安全漏洞,及时打上补丁。
5.定期到服务器检查是否存在异常。查看范围包括:
a)是否有新增账户
b) Guest是否被启用
c) Windows系统日志是否存在异常
d)杀毒软件是否存在异常拦截情况
6.安装安全防护软件,并确保其正常运行。
7.从正规渠道下载安装软件。
8.对不熟悉的软件,如果已经被杀毒软件拦截查杀,不要添加信任继续运行。
|
|
|
|
|
|
|
京公网安备 11000002002063号
京ICP备08010314号-6 Copyright©2005- 360.com 版权所有 360互联网安全中心
安全卫士
极速浏览器
360壁纸
360摄像机
纳米AI搜索
手机卫士
评论
直达楼层