【家族名】
Win32/Ransom.XXXXXCrypted

[平臺]? ?/? ?[主類型]??.??[家族名]
平臺類型 :??Win32 Win64
威脅類型 : Ransom

【是否支持解密】
360解密大師：暫不支持
在線解密：暫不支持

【被加密文件】
被加密文件后綴格式： 修改文件后綴為.XXXXXCrypted

【勒索提示信息】：
文件名：HOW_TO_FIX_FILES.XXXXXCrypted.txt
文件內容 ：
-------------------------------------------------------------------------------
Attention!

----------------------------
| What happened?
----------------------------

We hacked your network and now all your files, documents, photos, databases, and other important data are safely encrypted with reliable algorithms.
You cannot access the files right now. But do not worry. You can get it back! It is easy to recover in a few steps.

After the payment the decryptor will be given to you, so you can restore all your files.

----------------------------
| How to contact us and get my files back?
----------------------------

The only method to restore your files and be safe from data leakage is to purchase a unique for you private key which is securely stored on our servers.
To contact us and purchase the key you have to email us.

- Email me at :?supportx@onionmail.com

----------------------------
| What about guarantees?
----------------------------

We understand your stress and worry.
So you have a FREE opportunity to test a service by instantly decrypting for free three files from every system in your network.
If you have any problems our friendly support team is always here to assist you in a email!

Dear system administrators, do not think you can handle it by yourself. Inform leadership as soon as possible.
By hiding the fact of the breach you will be eventually fired and sometimes even sued.
-------------------------------------------------------------------------------
THIS IS A SPECIAL BLOCK WITH A PERSONAL AND CONFIDENTIAL INFORMATION! DO NOT TOUCH IT WE NEED IT TO IDENTIFY AND AUTHORIZE YOU
---BEGIN KEY---
72dd2a3d1aeae12c95cdfc35e832bfeb5aa4cfff87e340f4c22590eccf2130b42fddacf06e01844a15023d34f99c6c98fe0aecac405c34c966d0dc16e0422dc2

-------------------------------------------------------------------------------
【防護建議】
1.多臺機器，不要使用相同的賬號和口令
2.登錄口令要有足夠的長度和復雜性，并定期更換登錄口令
3.重要資料的共享文件夾應設置訪問權限控制，并進行定期備份
4.定期檢測系統(tǒng)和軟件中的安全漏洞，及時打上補丁。
5.定期到服務器檢查是否存在異常。查看范圍包括：
a)是否有新增賬戶
b) Guest是否被啟用
c) Windows系統(tǒng)日志是否存在異常
d)殺毒軟件是否存在異常攔截情況
6.安裝安全防護軟件，并確保其正常運行。
7.從正規(guī)渠道下載安裝軟件。
8.對不熟悉的軟件，如果已經(jīng)被殺毒軟件攔截查殺，不要添加信任繼續(xù)運行。

轉載于：360社區(qū):

XXXXXCrypted勒索病毒家族詳情_360社區(qū)

https://bbs.#/thread-16044170-1-1.html