CC1H Ransomware

By GoldSparrow in Ransomware

Translate To:

The CC1H Ransomware is yet another ransomware threat. The CC1H Ransomware has been spawned from the GlobeImposter Ransomware family. Although the name given to this particular crypto locker by the infosec community is CC1H Ransomware, two different variants have, in fact, been detected in the wild. They are identical completely, with the only aspect setting them apart been the extension used for the files they encrypt. One variant appends the files with 'CC1H' while the other uses 'CC4H.' The ransom note of both variants is presented in a .html file named 'INFO.html.'

Victims of the CC1H Ransomware are warned that they will have to pay a ransom to the hackers to receive a decryptor tool for the locked data. The note doesn't mention the exact sum or if the ransom has to be made in one of the popular cryptocurrencies. A single image or text file must be sent in an email message to be decrypted for free. The criminals provide two email addresses for this purpose - 'chinarecoverycompany@cock.li' or 'chinarecoverycompany@airmail.cc.'

The full set of instructions delivered by the CC1H Ransomware is:

'ALL YOUR FILES AND IMPORTANT DATA ARE ENCRYPTED!

To recover data you need decryptor.

To get the decryptor you should:

Send 1 test image or text file chinarecoverycompany@cock.li or chinarecoverycompany@airmail.cc.

In the letter include your personal ID (look at the beginning of this document).

We will give you the decrypted file and assign the price for decryption all files

After we send you instruction how to pay for decrypt and after payment you will receive a decryptor and instructions We can decrypt one file in quality the evidence that we have the decoder.

Attention!

Only chinarecoverycompany@cock.li or chinarecoverycompany@airmail.cc can decrypt your files

Do not trust anyone chinarecoverycompany@cock.li or chinarecoverycompany@airmail.cc

Do not attempt to remove the program or run the anti-virus tools

Attempts to self-decrypting files will result in the loss of your data

Decoders other users are not compatible with your data, because each user's unique encryption key.'

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

CC1H Ransomware

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen