Aimnip Ransomware
Threat Scorecard
Threat Level: 100% (High)
Infected Computers: 4
First Seen: November 26, 2021
Last Seen: December 19, 2021
OS(es) Affected: Windows
The Aimnip Ransomware, as its name suggests, is classified by infosec researchers as a ransomware threat. Its nefarious goal is to breach targeted computers, initiate a strong encryption process, and then extort its victims for money. Aimnip can affect numerous file types, including documents, PDFs, images, photos, archives, databases and more. Users will be unable to access any of the files encrypted by Aimnip. Other ransomware threats that users should be aware of are Rigj, Nope Ransomware, Chichi Ransomware and more.
Typically, ransomware threats use a specific word as a new file extension, with which they mark all locked files. However, in the case of the Aimnip Ransomware, each encrypted file will have a different random 4-character string appended to its original name. The instructions of the cybercriminals responsible for the Aimnip Ransomware will then be delivered to the compromised system. The ransom note is dropped as a text file named 'Recover_UrFiles.txt'.
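An added example (not from the original page or from EnigmaSoft) that sweeps a directory tree for the two on-disk indicators described above: the 'Recover_UrFiles.txt' note and files that each carry a different 4-character string. It assumes the string is alphanumeric and appended after a dot, which the page does not state; the extension list, the `classify` and `triage` names, and the threshold are illustrative choices.

```python
import os
import re

NOTE_NAME = "Recover_UrFiles.txt"  # ransom note name given on this page
# Assumption: the 4-character string is alphanumeric and appended after a dot,
# e.g. "report.docx.a9Qx". The page does not specify separator or charset.
KNOWN_EXT = r"(?:docx?|xlsx?|pptx?|pdf|jpe?g|png|zip|rar|7z|sql|mdb|txt)"
SUFFIXED = re.compile(
    rf"^(?P<orig>.+\.{KNOWN_EXT})\.(?P<tag>[A-Za-z0-9]{{4}})$", re.I)

# Constructed sample listing (not taken from a real infection).
SAMPLE = ["budget.xlsx.k3Tz", "scan.pdf.Qm81", "photo.jpg.0aBc",
          "Recover_UrFiles.txt", "notes.txt", "archive.tar.gz"]

def classify(names):
    """Split one directory's file names into (ransom notes, suffixed files)."""
    notes = [n for n in names if n.lower() == NOTE_NAME.lower()]
    hits = [(n, m.group("orig"), m.group("tag"))
            for n in names if (m := SUFFIXED.match(n))]
    return notes, hits

def triage(root, min_distinct_tags=3):
    """Walk root and report directories that match the described pattern.

    A directory is flagged when the note is present, or when several files
    carry *different* 4-character tags. A fixed-extension rule cannot catch
    this family because no two files share the same appended string. The
    threshold keeps a lone benign name such as "dump.sql.orig" from alerting.
    """
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        notes, hits = classify(files)
        tags = {tag for _name, _orig, tag in hits}
        if notes or len(tags) >= min_distinct_tags:
            report[dirpath] = {
                "note_present": bool(notes),
                "suffixed_files": sorted(name for name, _o, _t in hits),
                "distinct_tags": len(tags),
            }
    return report

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        for path, info in triage(sys.argv[1]).items():
            print(path, info)
    else:
        print(classify(SAMPLE))
```

Run it against a mounted copy or a file share path; a flagged directory with the note present and many distinct tags is the combination the description predicts.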
Ransom Note's Details
According to the ransom-demanding message, the attackers want to receive the sum of exactly 0.0013 BTC (Bitcoin). Bitcoin is the biggest cryptocurrency, but it is still susceptible to significant swings up and down the chart. At the current exchange rate, the ransom that victims will have to pay comes to approximately $75. The money must be transferred to the crypto-wallet address found in the note. The Aimnip Ransomware then instructs its victims to contact the aimnip@via.tokyo.jp email address to receive the decryption tool from the hackers.
The full text of the note is:
'Hello.
All your documents, images, videos, databases and other files are no longer available because they have been encrypted.
There is nothing you can do about this, because if you try to remove me, the files will be lost permanently. No one will be able to do anything except us. We guarantee the decryption of files if the instructions are followed. To get your files back, you'll have to pay.
We only accepted Bitcoin.
Purchasing Bitcoin varies from country to country, you are best advised to do a quick google search yourself to find out how to buy Bitcoin.
These sales websites are secure and secure:
Coinmama - hxxps://www.coinmama.com
Abra - hxxps://www.abra.com/buy/bitcoin
Localbitcoin - hxxps://localbitcoins.com
Payment amount: 0.0013 BTC.
Bitcoin address: 17CqMQFeuB3NTzJ2X28tfRmWaPyPQgvoHV
Then and only then, send an email to aimnip@via.tokyo.jp to get decrypter.
Do not download unknown files from the Internet…'