‘Suppteam03@india.com’ Ransomware
Threat Scorecard
Threat Level: 20 % (Normal)
Infected Computers: 32
First Seen: November 21, 2016
Last Seen: November 2, 2022
OS(es) Affected: Windows
The 'Suppteam03@india.com' Ransomware is a ransomware Trojan used to extort money from computer users. Its attack is easy to understand because it is a variant of CryptoLocker, a well-known encryption ransomware Trojan. The 'Suppteam03@india.com' Ransomware uses AES-256 encryption to take over the victim's data, making it inaccessible, and then demands a high ransom in exchange for the decryption key needed to restore the affected files: 2.05 BitCoins (approximately $1300 USD at the current exchange rate). The ransom note is a text file named 'Your files are locked !!!!.txt', which is dropped onto the desktop of the affected computer.
The 'Suppteam03@india.com' Ransomware and Its Ransom Demands
The 'Suppteam03@india.com' Ransomware may be distributed as a corrupted email attachment. The messages used to distribute it may pose as emails from shipping companies such as DHL or FedEx, or from social media platforms like Facebook or Instagram. The point of these messages is to convince the victim to open an attached file or embedded link, which infects the victim's computer with the 'Suppteam03@india.com' Ransomware.
The 'Suppteam03@india.com' Ransomware infection process is quite simple. Once it has entered the victim's computer, it searches for certain file types and encrypts them using its strong encryption algorithm. The 'Suppteam03@india.com' Ransomware searches for the following file types (among various others) during its attack:
.sql, .mp4, .7z, .rar, .m4a, .wma, .avi, .wmv, .csv, .d3dbsp, .zip, .sie, .sum, .ibank, .t13, .t12, .qdf, .gdb, .tax, .pkpass, .bc6, .bc7, .bkp, .qic, .bkf, .sidn, .sidd, .mddata, .itl, .itdb, .icxs, .hvpl, .hplg, .hkdb, .mdbackup, .syncdb, .gho, .cas, .svg, .map, .wmo, .itm, .sb, .fos, .mov, .vdf, .ztmp, .sis, .sid, .ncf, .menu, .layout, .dmp, .blob, .esm, .vcf, .vtf, .dazip, .fpk, .mlx, .kf, .iwd, .vpk, .tor, .psk, .rim, .w3x, .fsh, .ntl, .arch00, .lvl, .snx, .cfr, .ff, .vpp_pc, .lrf, .m2, .mcmeta, .vfs0, .mpqge, .kdb, .db0, .dba, .rofl, .hkx, .bar, .upk, .das, .iwi, .litemod, .asset, .forge, .ltx, .bsa, .apk, .re4, .sav, .lbf, .slm, .bik, .epk, .rgss3a, .pak, .big, wallet, .wotreplay, .xxx, .desc, .py, .m3u, .flv, .js, .css, .rb, .png, .jpeg, .txt, .p7c, .p7b, .p12, .pfx, .pem, .crt, .cer, .der, .x3f, .srw, .pef, .ptx, .r3d, .rw2, .rwl, .raw, .raf, .orf, .nrw, .mrwref, .mef, .erf, .kdc, .dcr, .cr2, .crw, .bay, .sr2, .srf, .arw, .3fr, .dng, .jpe, .jpg, .cdr, .indd, .ai, .eps, .pdf, .pdd, .psd, .dbf, .mdf, .wb2, .rtf, .wpd, .dxg, .xf, .dwg, .pst, .accdb, .mdb, .pptm, .pptx, .ppt, .xlk, .xlsb, .xlsm, .xlsx, .xls, .wps, .docm, .docx, .doc, .odb, .odc, .odm, .odp, .ods, .odt.
After encrypting the victim's files, the 'Suppteam03@india.com' Ransomware drops its ransom note in the form of a text file on the victim's computer. The ransom note contains information on the attack and on how to pay. The following text is contained in the 'Suppteam03@india.com' Ransomware's ransom note:
'Support e-mail: suppteam03@yandex.ru suppteam03@india.com
Your personal files encryption produced on this computer: photos, videos, documents, etc.
Encryption was produced using a unique public key RSA-2048 generated for this computer.
To decrypt files you need to obtain the private key.
The single copy of the private key, which will allow to decrypt the files,
located on a secret server on the Internet; the server will destroy the key after 120 hours.
After that nobody and never will be able to restore files.
To obtain the private key for this computer, you need pay 2.05 Bitcoin (~1309 USD)
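A triage check built from the indicators this page gives (the ransom note's file name and the two contact addresses in its text), as an added example that is not EnigmaSoft's code. The function names, the 64 KB size limit and the sample tree in demo() are assumptions of the example.

```python
import os
import tempfile

# Indicators named on the page: ransom note file name and contact addresses.
NOTE_NAME = "your files are locked !!!!.txt"
CONTACTS = (b"suppteam03@india.com", b"suppteam03@yandex.ru")
MAX_NOTE_BYTES = 64 * 1024  # assumption: a ransom note is a small text file


def check_file(path):
    """Return the indicators that match one file (empty list if none)."""
    hits = []
    name = " ".join(os.path.basename(path).lower().split())
    if name == NOTE_NAME:
        hits.append("note-filename")
    try:
        if name.endswith(".txt") and os.path.getsize(path) <= MAX_NOTE_BYTES:
            with open(path, "rb") as fh:
                # Dropping NUL bytes lets the ASCII match also hit UTF-16 text.
                data = fh.read().replace(b"\x00", b"").lower()
            hits += ["contact:" + c.decode() for c in CONTACTS if c in data]
    except OSError:
        pass  # unreadable files are skipped, not treated as matches
    return hits


def scan(root):
    """Walk root (a Users directory or a mounted image) and collect matches."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            hits = check_file(full)
            if hits:
                findings[full] = hits
    return findings


def demo():
    """Scan a constructed tree: one copy of the note and one benign file."""
    with tempfile.TemporaryDirectory() as root:
        desktop = os.path.join(root, "alice", "Desktop")
        os.makedirs(desktop)
        with open(os.path.join(desktop, "Your files are locked !!!!.txt"), "w") as fh:
            fh.write("Support e-mail: suppteam03@yandex.ru suppteam03@india.com\n")
        with open(os.path.join(desktop, "todo.txt"), "w") as fh:
            fh.write("buy milk\n")
        return {os.path.basename(p): h for p, h in scan(root).items()}
```

Calling scan() on a Users directory or a mounted disk image returns a dictionary that maps each matching path to the indicators found in it.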