CC1H Ransomware Description
The CC1H Ransomware is yet another ransomware threat. The CC1H Ransomware has been spawned from the GlobeImposter Ransomware family. Although the name given to this particular crypto locker by the infosec community is CC1H Ransomware, two different variants have, in fact, been detected in the wild. They are identical completely, with the only aspect setting them apart been the extension used for the files they encrypt. One variant appends the files with 'CC1H' while the other uses 'CC4H.' The ransom note of both variants is presented in a .html file named 'INFO.html.'
Victims of the CC1H Ransomware are warned that they will have to pay a ransom to the hackers to receive a decryptor tool for the locked data. The note doesn't mention the exact sum or if the ransom has to be made in one of the popular cryptocurrencies. A single image or text file must be sent in an email message to be decrypted for free. The criminals provide two email addresses for this purpose - 'firstname.lastname@example.org' or 'email@example.com.'
The full set of instructions delivered by the CC1H Ransomware is:
'ALL YOUR FILES AND IMPORTANT DATA ARE ENCRYPTED!
To recover data you need decryptor.
To get the decryptor you should:
Send 1 test image or text file firstname.lastname@example.org or email@example.com.
In the letter include your personal ID (look at the beginning of this document).
We will give you the decrypted file and assign the price for decryption all files
After we send you instruction how to pay for decrypt and after payment you will receive a decryptor and instructions We can decrypt one file in quality the evidence that we have the decoder.
Only firstname.lastname@example.org or email@example.com can decrypt your files
Do not trust anyone firstname.lastname@example.org or email@example.com
Do not attempt to remove the program or run the anti-virus tools
Attempts to self-decrypting files will result in the loss of your data
Decoders other users are not compatible with your data, because each user's unique encryption key.'