Delphimorix Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 3
First Seen: November 23, 2018
Last Seen: March 6, 2020
OS(es) Affected: Windows

The Delphimorix Ransomware is an encryption ransomware Trojan. Like most encryption ransomware Trojans of this type, it is designed to use encryption algorithms to make the victim's files inaccessible. Threats like the Delphimorix Ransomware do this to take the victim's files hostage so that a ransom payment can be demanded. It is therefore paramount to take precautions against threats like the Delphimorix Ransomware by safeguarding your data and PC.

Symptoms of a Delphimorix Ransomware Infection

The Delphimorix Ransomware targets user-generated files, which may include a wide variety of media files, databases and document types. The following are examples of the files that threats like the Delphimorix Ransomware target when attacking a computer:

.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr, .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby, .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.

The Delphimorix Ransomware renames the files it affects. Typically, the Delphimorix Ransomware will add a new file extension to each affected file. PC security researchers have reported that the Delphimorix Ransomware marks the affected files in a variety of ways rather than modifying their names in a single, consistent manner. One file extension that has been linked to the Delphimorix Ransomware attack is the following:

'.DeLpHiMoRiX!@@@@_@@_@_2018_@@@_@_@_@@@'

The Delphimorix Ransomware also has been observed to mark the affected files by using a string formed of random numbers.
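The two filename indicators quoted on this page can be turned into a quick triage scan. The following is an added example, not code from the original article: it walks a directory tree, reports the ransom note and any file carrying the extension above, and strips the appended extension to show the pre-attack name. The numeric-string marker is not covered because the page gives no pattern for it, and the sample tree is constructed from empty files.

```python
import os
import tempfile
from collections import defaultdict

# Indicators quoted on this page.
RANSOM_NOTE = "delphimorix_ransom_note.txt"
MARKER_EXT = ".DeLpHiMoRiX!@@@@_@@_@_2018_@@@_@_@_@@@"


def scan(root):
    """Walk root; return {directory: {"notes": [...], "renamed": [(current, original)]}}."""
    hits = defaultdict(lambda: {"notes": [], "renamed": []})
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            lower = name.lower()  # Windows file names are case-insensitive
            if lower == RANSOM_NOTE:
                hits[dirpath]["notes"].append(name)
            elif lower.endswith(MARKER_EXT.lower()) and len(name) > len(MARKER_EXT):
                # The extension is appended, so stripping it gives the pre-attack name.
                hits[dirpath]["renamed"].append((name, name[: -len(MARKER_EXT)]))
    return dict(hits)


def summarize(hits):
    """Return (directories_affected, ransom_notes, renamed_files) totals for triage."""
    notes = sum(len(v["notes"]) for v in hits.values())
    renamed = sum(len(v["renamed"]) for v in hits.values())
    return len(hits), notes, renamed


def build_sample_tree(root):
    """Constructed sample data: empty files only, no real malware artifacts."""
    docs = os.path.join(root, "Documents")
    pics = os.path.join(root, "Pictures")
    for d in (docs, pics):
        os.makedirs(d)
    for path in (
        os.path.join(docs, "budget.xlsx" + MARKER_EXT),
        os.path.join(docs, "notes.txt"),                         # untouched file
        os.path.join(docs, RANSOM_NOTE),
        os.path.join(pics, "holiday.jpg" + MARKER_EXT.upper()),  # case variant
    ):
        open(path, "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(summarize(scan(tmp)))
```

The per-directory result shows how far the renaming spread and which original names to look for in backups.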

The Delphimorix Ransomware’s Ransom Demand

After the Delphimorix Ransomware has encrypted the victim's files, it delivers a ransom note as a text file named 'delphimorix_ransom_note.txt', which demands an enormous ransom amount of 101 Bitcoin, nearly half a million US dollars! It is clear that the criminals do not have any intention of extracting a ransom from the victim, which may point to the Delphimorix Ransomware being incomplete or poorly developed. Following the Delphimorix Ransomware's instructions or interacting with the criminals responsible for this attack is not a wise decision.

Protecting Your Data from Threats Like the Delphimorix Ransomware

Malware researchers believe that it is only a matter of time before a tool that can help computer users recover their files after a Delphimorix Ransomware attack is released. However, at the time of writing, it may be impossible to recover the files encrypted by the Delphimorix Ransomware. Therefore, the best protection against the Delphimorix Ransomware (and the many similar threats that are being used to attack computer users) is to have backup copies of your files. Keeping backup copies of your data in a secure location, such as an external device or the cloud, ensures that any data compromised by a Delphimorix Ransomware attack can be recovered easily and quickly without having to resort to contacting or negotiating with the criminals.