tellyouthepass Ransomware

By GoldSparrow in Ransomware

The Tellyouthepass Ransomware is an encryption Trojan that was reported to computer security researchers on March 23rd, 2019. Samples revealed that the Tellyouthepass Ransomware is a member of the GoldenAxe Ransomware family, which was discovered on March 17th, 2019. Compared with the parent malware, the Tellyouthepass Ransomware does not seem to be a big step in development. However, it appears to be distributed reliably via phishing emails and corrupted Microsoft Word documents. The threat actors use logos of trusted Internet companies and forged notifications from online stores to convince users to open a weaponized text file. The Tellyouthepass Ransomware is programmed to append the string '.locked' to filenames and overwrite the original user-generated files. For example, 'Khirbet et-Tannur.mp4' is renamed to 'Khirbet et-Tannur.mp4.locked'. The Tellyouthepass Ransomware locks access to video, music, text, databases, spreadsheets, PDFs, eBooks and photos. The Trojan is reported to drop 'README.html' on the computer and display it using the default Web browser. The ransom note reads:

'I am so sorry ! All your files have been encryptd by RSA-1024 and AES-256 due to a computer security problems.
If you think your data is very important .The only way to decrypt your file is to buy my decrytion tool .
else you can delete your encrypted data or reinstall your system.
Your personid :
[random characters]
Decrytion do as follows:
1. if you not own bitcoin,you can buy it online on some websites. like https://localbitcoins.net/ or https://www.coinbase.com/ .
2. send 0.2 btc to my wallet address 1CLWBxbBKddQTUuhsUsn8izq2crUAgGYZ1.
3. send your btc transfer screenshots and your persionid to my email tellyouthepass@protonmail.com . i will send you decrytion tool.
Tips:
1.don't rename your file
2.you can try some software to decrytion . but finally you will kown it's vain .
Anything you want to help . please send mail to my email tellyouthepass@protonmail.com.
Have a nice day.'

The ransomware actors may request payments that start from 2 Bitcoin (BTC), which equals approximately $1,018/€903. Decryption services appear to be offered via the 'tellyouthepass@protonmail.com' email account, but we advise users to avoid writing to the Tellyouthepass Ransomware team. You might be tricked, and you do not want to lose a thousand dollars to the cybercriminals along with your data. It is best to use data backups and clean the affected machines using a credible security scanner. Detection names for the Tellyouthepass Ransomware are listed below:

Malicious.moderate.ml.score
Malware (ai Score=96)
Malware/Win32.Generic.C3126815
Malware@#37oqhd8kw0g4d
Ransom.Win32.BITLOCKED.A
TR/FileCoder.jhzzn
Trojan ( 0054a7011 )
Trojan-Ransom.Tellyouthepass
Trojan.Encoder!tHwy06at0GQ
Trojan.Encoder.Win32.698
Trojan.Win32.Encoder.4!c
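
The file renaming and the 'README.html' note described above can be checked for when triaging a machine or a file share. The Python script below is an added example, not code from this article or from any vendor; the `scan()` and `demo()` names, the double-extension heuristic and the two-marker threshold are assumptions, and the sample directory tree is constructed.

```python
import os
import re
import tempfile

# Indicators quoted on this page: note file name, contact address, note wording, wallet.
NOTE_NAME = "readme.html"
NOTE_MARKERS = tuple(m.lower() for m in (
    "tellyouthepass@protonmail.com", "Your personid",
    "1CLWBxbBKddQTUuhsUsn8izq2crUAgGYZ1"))
# Heuristic (assumption): the original extension is kept, as in 'clip.mp4.locked'.
RENAMED = re.compile(r".+\.[a-z0-9]{1,5}\.locked$", re.IGNORECASE)


def scan(root, min_markers=2):
    """Walk root and return (renamed_files, ransom_notes) as sorted path lists."""
    renamed, notes = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if RENAMED.match(name):
                renamed.append(path)
            elif name.lower() == NOTE_NAME:
                try:
                    with open(path, encoding="utf-8", errors="replace") as fh:
                        text = fh.read(65536).lower()  # notes are small
                except OSError:
                    continue  # unreadable file: keep sweeping
                # Several markers must match so an ordinary README.html is ignored.
                if sum(m in text for m in NOTE_MARKERS) >= min_markers:
                    notes.append(path)
    return sorted(renamed), sorted(notes)


def demo():
    """Run scan() over a constructed sample tree; return paths relative to it."""
    samples = {  # constructed test data, not real victim files
        "docs/report.docx.locked": "x",
        "media/Khirbet et-Tannur.mp4.locked": "x",
        "notes.locked": "x",  # no inner extension: outside the heuristic
        "project/README.html": "<h1>Build instructions</h1>",  # benign
        "docs/README.html": "Your personid : AAAA, mail tellyouthepass@protonmail.com",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            full = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w", encoding="utf-8") as fh:
                fh.write(body)
        return tuple([os.path.relpath(p, root).replace(os.sep, "/") for p in found]
                     for found in scan(root))
```

A directory that yields both renamed files and a matching note is a stronger signal than either result alone, since '.locked' suffixes and 'README.html' files also occur in benign software.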
