DECcenter Ransomware
The DECcenter Ransomware goals are to infect targeted computers, run an encryption routine to lock the files stored there, and then extort the victims for money in exchange for the potential restoration of the data. The DECcenter Ransomware is a malware threat classified as belonging to the VoidCrypt Ransomware family. The DECcenter Ransomware can affect a large array of file types and each affected file will have its original name changed drastically. The threat will append an email address under the control of the hackers (decryptioncenter2016@gmail.com), a string of random characters and a new file extension (.DECcenter).
A ransom note with instructions for the victims will then be deployed in the form of a text file named 'Decrypt-info.txt.' According to the message, the first step taken by the victims should be to locate a file named 'prvkey*.txt.key,' where the asterisk symbol may be replaced by a number. Apparently, this file is essential for the restoration of the data, and losing or modifying it could lead to permanent losses. The note doesn't mention the exact sum of the ransom demanded by the cybercriminals. The payment, however, must be made using the Bitcoin cryptocurrency.
To contact the hackers, users are left with two email addresses - 'Decryptioncenter2016@gmail.com' and 'Backupcenter2016@gmail.com.' To test the hackers' ability to restore the data, affected users are allowed to attach a single locked file that will then supposedly be decrypted and returned. The file must not contain any important information and should be less than 1MB in size.
The full text of the note is:
'All Your Files Has Been Encrypted
You Have to Pay to Get Your Files Back
Go to C:\ProgramData\ or in Your other Drives and send us prvkey*.txt.key file , * might be a number (like this : prvkey3.txt.key)
You can send some file little than 1mb for Decryption test to trust us But the test File should not contain valuable data
Payment should be with Bitcoin
Changing Windows without saving prvkey.txt.key file will cause permanete Data loss
Our Email:Decryptioncenter2016@gmail.com
in Case of no Answer:Backupcenter2016@gmail.com.'
