ExecutionerPlus Ransomware

The ExecutionerPlus Ransomware is an encryption ransomware Trojan. These threats, like their name indicates, are designed to extract a payment of a ransom from their victims. To do this, threats like the ExecutionerPlus Ransomware use a strong encryption algorithm to make the victim's files inaccessible. They then deliver a ransom note asking for the payment of a large amount of money to get the decryption key necessary to restore the affected files. The threats that use these tactics are becoming common increasingly, and computer users must take steps to protect their software from a threat like the ExecutionerPlus Ransomware.

The Executioner of Your Files

The ExecutionerPlus Ransomware is based on CryptoJoker, a ransomware Trojan that uses a combination of the RSA and AES encryptions to make the victim's files inaccessible. Typically, threats are delivered to victims through the use of spam email messages containing corrupted Microsoft Word file attachments. The ExecutionerPlus Ransomware is installed on the victim's computer through the use of corrupted file scripts included in these unsafe files in its attack. The best protection against attacks like the ExecutionerPlus Ransomware is to have file backups on the cloud or secure places and disable the automatic execution of macro scripts. The ExecutionerPlus Ransomware uses strong encryption to make the victim's files inaccessible, marking the files encrypted in the attack with a new file extension. The two file extensions, '.pluss.executioner' and '.destroy.executioner,' have been observed in different variants of the ExecutionerPlus Ransomware. The ExecutionerPlus Ransomware will run as 'CryptoJoker.exe' on infected computers and will target a wide variety of the user-generated files in its attack. The following are some of the file types that may be targeted in infections like the ExecutionerPlus Ransomware:

.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.

While these infections will compromise a wide variety of file types, they will avoid encrypting the Windows system files necessary for Windows to continue to be operational and display a ransom note to the victim.

The ExecutionerPlus Ransomware’s Ransom Note

The ExecutionerPlus Ransomware will change the infected computer's desktop image into a picture that contains the ExecutionerPlus Ransomware's ransom note. The ExecutionerPlus Ransomware also will drop an HTML file named 'Readme.html' on the infected computer. These files may deliver the following message to the victim:

'HEYKLOG-LOSTHAT
HEYKLOG & CRYPTONIC My Best Friend
Turkish Underground World ~
Guvenlik bir bir urun degil surectir.
./Exit'

Protecting Your Data from the ExecutionerPlus Ransomware

You should do whatever is needed to ensure that your data is safe from attacks like the ExecutionerPlus Ransomware. The best protection against these threats is to have file backups on the cloud or an external memory device. Backup copies of your files are effective weapons to respond to an ExecutionerPlus Ransomware attack by restoring the affected files from a backup copy rather than losing your files permanently or having to contact these people to get the decryption key. Installing a reliable security program that is fully up-to-date and taking precautions when handling unsolicited email attachments you can avoid countless headaches.