Threat Database Ransomware D2+D Ransomware

D2+D Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 5
First Seen: May 22, 2017
Last Seen: August 17, 2022
OS(es) Affected: Windows

The D2+D Ransomware is a Trojan that was first observed in the final week of May 2017. The D2+D Ransomware is designed to infect computers, claiming to encrypt their contents and then demanding a ransom to provide the decryption key. There are several ways in which the D2+D Ransomware could be distributed, including the use of spam email attachments or by hacking into the victims' computers directly. Some reports PC security researchers have received about the D2+D Ransomware indicate that the D2+D Ransomware may be distributed by including it in pirated software downloads being distributed online and through peer-to-peer networks. Although the D2+D Ransomware does scare computer users into believing that their files are unrecoverable, there are reasons to believe that the D2+D Ransomware uses a screen locker tactic, merely blocking access to the victim's computer, rather than making the files unusable through the use of encryption.

A Looks Like Equation as the Name of a Threat

The D2+D Ransomware displays a message designed to trick computer users into believing that their files have been encrypted with a strong encryption algorithm. This is the typical attack strategy that threatening ransomware Trojans use to attack computers. However, in the case of the D2+D Ransomware, the victim's files will not be encrypted. The D2+D Ransomware ransom note is written in a friendly, affable way rather than using the threatening language typical of these attacks. The D2+D Ransomware's ransom note is displayed in the form of a full-screen program window that acts as a screen locker since the victims will not be able to bypass the message to gain access to their computers. The full text of the D2+D Ransomware screen locker message reads:

'WHAT THE HELL IS HAPPENING?
Your files are encrypted, you cannot close this progarm unless you have the key! This is a ransomware
What can i do?
You have to buy the key! don't worry
Customers are treated well, we are reliable
Can you decrypt my files?
Yes, we can but we won't do it
Enter the key yourself
You can check the F.A.Q in the link given below
http://bobdinh.hol.es
REMEMBER, THE TIME IS LIMITED you only have 3 day(s) to buy the key!
HOW TO PURCHASE?
Buy bitcoins and send to: [RANDOM CHRACTERS] or buy me some cup of coffe or we could hang out together that is fine ! 🙂
don't know how to create bitcoin account? check the F.A.Q or hang out with me!
Send with love: [RANDOM CHRACTERS]
Send 100$ worth of bitcoin, special offer: 50% discount for first 3 customers for poor people offer: 90% off!!!
[TEXT BOX]
feel free to donate now:'

Dealing with a D2+D Ransomware Infection

Computer users may notice that the above message is full of typos and grammar errors. More importantly, it does not include a valid BitCoin address or any other way of making the payment, making it clear that the D2+D Ransomware attack is the work of amateurs rather than part of an organized ransomware tactic. Fortunately for computer users, PC security researchers have extracted the unlock code for the D2+D Ransomware screen locker window since it is hard coded into the D2+D Ransomware Trojan. Simply entering the password '215249148' can allow computer users to close the D2+D Ransomware window. There is no need to pay the $100 USD ransom that the D2+D Ransomware demands. In most cases, computer users should refrain from paying even if the solution to the infection were not so simple. This is because paying these ransoms allows con artists to continue financing these attacks, preying on inexperienced computer users. It is important to take preventive measures to limit the damage in case of a ransomware infection that carries out the attack that the D2+D Ransomware threatens. Reliable file backups and good anti-virus programs will be sufficient to be fully protected.

SpyHunter Detects & Remove D2+D Ransomware

File System Details

D2+D Ransomware may create the following file(s):
# File Name MD5 Detections
1. The Game v.10.exe 7b7ae9a55d2fb8d79503f5f6a4e622a6 2

Trending

Most Viewed

Loading...