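As of March 2019, a collection of common ransomware families and related information:
Phobos ransomware
Infection signature: <original filename>.ID-<random 8-character string>.<email address>.Phobos
Ransom notes: Encrypted.txt Phobos.hta data.hta
Example: readme.txt.ID-16E86DC7.[grunresrife1985@aol.com].phobos
Collected suffixes: [grunresrife1985@aol.com].phobos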
GANDCRAB ransomware
Versions: GANDCRAB V5.0.4 GANDCRAB V5.1 GANDCRAB V5.2
Infection signature: <original filename>.<random string>
Ransom notes: <random string>-DECRYPT.txt <random string>-MANUAL.txt
Example: readme.txt.pfdjjafw
GlobeImposter 3.0 ransomware ("Twelve Zodiac" ransomware)
Infection signature: <original filename>.XXXX4444
Ransom notes: HOW_TO_BACK_FILES.txt how_to_back_files.htm
Example: readme.txt.Monkey4444
Collected suffixes:
.China4444 .Help4444 .Rat4444 .Ox4444 .Tiger4444 .Rabbit4444
.Dragon4444 .Snake4444 .Horse4444 .Goat4444 .Monkey4444 .Rooster4444
.Dog4444 .all4444 .Pig4444 .Alco4444 .Rat4444 etc.
Crysis (Dharma) ransomware
Infection signature: <original filename>.ID-<random 8-character string>.<email address>.<signature suffix>
Ransom notes: FILES ENCRYPTED.txt data files encrypted.txt info.hta
Example: readme.txt.ID-16E86DC7.[writehere@qq.com].btc readme.txt.id-F06E54C7.[decryptmyfiles@qq.com].ETH
Collected suffixes:
.ETH .btc .adobe .bkpx .tron .bgtx .combo .gamma .block .bip .arrow
.cesar .arena btc@fros.cc zikr@protonmail.com zikra@protonmail.com
zikr@usa.com decryptmyfiles@qq.com bebenrowan@aol.com
MailPayment@decoder.com helpfilerestore@india.com decryptmyfiles@qq.com
decryptprof@qq.com 1701222381@qq.com btccrypthelp@cock.li
CryptON (x3m) ransomware
Infection signature: <original filename>.<random string ID>.<email address>.x3m
Ransom notes: DECRYPT-MY-FILES.txt HOW TO DECRYPT FILES.htm
Example: readme.txt.id16e86dc7[unlock@cock.li].x3m
Collected suffixes: .x3m .nemesis .x3m-pro .X3M .mf8y3 .nem2end
PRCP (Matrix variant) ransomware
Infection signature: [email address].ciphertext1-ciphertext2.PRCP
Ransom notes: #README_PRCP#.rtf
Example: [radrigoman@protonmail.com].A6QkjniCc-Plvdd5kn.PRCP radrigoman@tutanota.com radrigoman@airmail.cc
Collected suffixes: .PRCP
Clop ransomware
Infection signature: <original filename>.Clop
Ransom notes: ClopReadMe.txt
Example: ReadMe.txt.Clop mangagersmaers@tutanota.com
Collected suffixes: .Clop
PyLocky ransomware
Infection signature: <original filename>.pyd
Ransom notes: LOCKY_README.txt
Example: ReadMe.txt.pyd ReadMe.txt.lockymap
Collected suffixes: .pyd .lockedfile .lockymap
Other types of ransomware
Collected indicators:
{mattpear@protonmail.com}MTP
{Benjamin_Jack2811@aol.com}BJ
{Benjamin_Jack2811@aol.com}AOL
{mrgrayhorse@protonmail.com}MGH
{CALLMEGOAT@protonmail.com}CMG
{MOLLYGREENS@PROTONMAIL.COM}MG
{colin_farel@aol.com}XX
Collected suffixes:
.HRM
.ITLOCK .rapid .master .Lock .sicck .lucky .satan .Boom .Indrik .aes256
.tunca .vacv2 .bin .locked_by_mR_Anonymous(TZ_HACKERS) .luudjvu .udjvu
.udjvuq .satana .vulston .wq2k (B2DR ransomware) .nano (Scarab ransomware) .nostro
.cryptoid (RICKROLL LOCKER ransomware) .tfudet .Djvur .Djvuu .djvut .rumba
.tfudeq (Stop ransomware) .xcry7684 (XCry ransomware) .gif .AUF (Dharma ransomware) .data
.PC-FunHACKED!-Hello (Jigsaw ransomware) .xyz (Paradise ransomware) GMPF (Matrix ransomware)
.[Traher@Dr.Com] (Scarab ransomware) .Anatova ransomware .jundmd@cock.li
raphaeldupon@aol.com .btc .obfuscated .GMBN .SPCT .CHRB .PLANT .PEDANT
(Matrix ransomware) .xwx .USA .best .heets .qwex .air .888 .frend .amber .KARLS
(Dharma ransomware) .healforyou .ANAMI (GlobeImposter family) .krab .cupcupcup .crash
.GEFEST3 .secure .nosafe (Scarab ransomware) .pennywise .paycoin (Jigsaw ransomware)
.[Jaffe@Tuta.Io] (Jaffe ransomware) .adobe .rumba (Stop ransomware) .cryptotes
(Rotorcrypt ransomware) .STUB (Paradise ransomware) .locked (LockerGoga ransomware) .vaca .mbrcodes
.mafee .Mcafee (Xorist ransomware) .cosanostra (GarrantyDecrypt ransomware)
.cripton (Creeper ransomware) .Jnec .auchentoshan
.crypt_sherhagdomski@godzym_bid
Original article by sunyaqun. If reposting, please credit the source: https://www.dallk.cn/49747.html