Bright Black Ransomware

By CagedTech in Ransomware

Translate To:

The Bright Black malware tries to pass itself as a legitimately threatening ransomware. Ransomware threats have become a real plague for both individual users and the biggest corporations out there. These harmful creations are designed to lock the data on the systems they manage to infect via uncrackable cryptographic algorithms. As a result, victims lose the ability to access any of their valuable documents, databases, archives, etc.

However, when it comes to the Bright Black Ransomware, the threat does create the initial impression that all of the affected data has been rendered unusable. Files belonging to the targeted file types will have an 'x' placed in front of their original file extensions. For example, a file named 'Image1.png' will be renamed to 'Image1.xpng.' What is important to know, is that the internal data of the files is left intact and is not subjected to any encryption. Removing the 'x' is highly likely to restore users' files to their normal state.

Table of Contents

Ransom Note’s Details

Again, as is expected from a ransomware threat, the Bright Black delivers a ransom note message with instructions for its victims. In fact, the threat will display its ransom note as a pop-up window, as well as an HTML file named 'ransnote.html.' The operators of the ransomware attempt to scare users with claims that the malware uses the military-grade AES-256 cryptographic algorithm to encrypt data. However, s we said earlier, this is not true. The cybercriminals continue by instructing their victims to contact the 'brightblack#6937' account on Discord.

The full text of the threat's ransom note is:

'$$$ BRIGHT BLACK RANSOMWARE $$$
WHAT HAPPEND? ALL YOUR FILES GOT ENCRYPTED USING AES-256!
HOW TO DECRYPT THEM? IT'S SIMPLE WRITE TO ME ON DISCORD brightblack#6937!
DISCALMER: IF YOU TRY TO DECRYPT THEM USING OTHER SOFTWARE YOU CAN LOST THEM FORVER!!!
The pop-up window displays the following message:
Good luck!
Run brightblack decryptor to get files back 🙂'

SpyHunter Detects & Remove Bright Black Ransomware

File System Details

Bright Black Ransomware may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	file.exe	82559214d5778ff5be1bf375055c92c9	0
Name: file.exe MD5: 82559214d5778ff5be1bf375055c92c9 Size: 320 KB (320000 bytes) Detections: 0 Type: Executable File Group: Malware file
2.	file.exe	c117565f5ae76eb1d1d9bf936260405b	0
Name: file.exe MD5: c117565f5ae76eb1d1d9bf936260405b Size: 260.6 KB (260608 bytes) Detections: 0 Type: Executable File Group: Malware file

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Bright Black Ransomware

Ransom Note’s Details

SpyHunter Detects & Remove Bright Black Ransomware

File System Details

Submit Comment

Trending

Safe Search Eng

Findtheirreport.com

MarioLocker Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen