GABUTS Project Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
| Metric | Value |
|---|---|
| Threat Level | 100 % (High) |
| Infected Computers | 4 |
| First Seen | October 19, 2021 |
| OS(es) Affected | Windows |
The GABUTS Project Ransomware is a threat that can cause massive damage if it infiltrates users' computers successfully. The threat can lock a wide range of filetypes and the strong encryption algorithm ensures that the data will be virtually unrecoverable without the help of the attackers.
As part of its threatening activities, the GABUTS Project modifies the names of the encrypted files by appending '.im back' as a new file extension. Continuing with the same theme, the ransom note is dropped inside a text file named 'gabuts project is back.txt.'
Ransom Note’s Overview
According to the ransom-demanding message, the hackers behind the GABUTS Project Ransomware want to be paid exactly 100 BTC (Bitcoin). While some ransomware groups focus on infiltrating corporate targets specifically and then trying to extort massive amounts of money from them, trying to do the same with individual targets is simply not realistic. We mention this detail because, at the current price of the Bitcoin cryptocurrency, the demanded sum is worth over $5.7 million. This exorbitant amount of money could signal that the current version of the GABUTS Project Ransomware is being used for testing purposes.
The full text of the note is:
'{FOR YOU FROM GABUTS PROJECT}
!!!your data has been locked, give me 100btc and i will give you the key!!!
redemption time is only valid for 1 day
decrypt file: hxxps://anonfiles.com/ffKaa1Nbu2/decrypt_file_zip
email: baholo6031@xeiex.com
-greetings gabuts project-'
File System Details
| # | File Name | MD5 | Detections |
|---|---|---|---|
| 1. | file.exe | 9c00f9c6bdcfc9a2b3b78350e58390f6 | 4 |

Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
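
The indicators listed on this page (the appended '.im back' extension, the 'gabuts project is back.txt' ransom note and the MD5 of file.exe) can be swept for when scoping an infection. The Python sketch below is an added example, not EnigmaSoft's code; the names `sweep` and `md5_of`, the report layout and the case-insensitive matching are assumptions.

```python
import hashlib
import os
import sys

# Indicators taken from this page.
ENCRYPTED_SUFFIX = ".im back"                      # appended to encrypted files
RANSOM_NOTE = "gabuts project is back.txt"         # dropped ransom note
KNOWN_MD5 = {"9c00f9c6bdcfc9a2b3b78350e58390f6"}   # file.exe


def md5_of(path, chunk=1 << 20):
    """Hash a file in chunks so large binaries do not exhaust memory."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def sweep(root):
    """Walk root and collect encrypted files, ransom notes and matching binaries."""
    report = {"encrypted": [], "notes": [], "binaries": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            lower = name.lower()  # assumption: match case-insensitively, as Windows does
            if lower.endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
                # The extension is appended, so stripping it gives the original name.
                report["encrypted"].append((path, name[: -len(ENCRYPTED_SUFFIX)]))
            elif lower == RANSOM_NOTE:
                report["notes"].append(path)
            elif lower.endswith(".exe"):
                try:
                    if md5_of(path) in KNOWN_MD5:
                        report["binaries"].append(path)
                except OSError:
                    continue  # locked or unreadable file: skip it, keep sweeping
    return report


if __name__ == "__main__":
    result = sweep(sys.argv[1] if len(sys.argv) > 1 else ".")
    for kind, hits in result.items():
        print(f"{kind}: {len(hits)}")
        for hit in hits:
            print("  ", hit)
```

The hash check only catches the exact sample listed in the table; the extension and note-name matches are what show how far encryption spread.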