GoRansom Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 39 |
| First Seen: | August 17, 2011 |
| Last Seen: | October 26, 2021 |
| OS(es) Affected: | Windows |
The GoRansom Ransomware is a peculiar file-locker project that does not appear to extort victims for money at the moment. Usually, ransomware developers offer to sell their victims a decryption service, but the case with the GoRansom Ransomware is a bit different – the ransom note that this ransomware leaves behind contains a free decryption solution. It is not clear what the idea of the author is – this might be a project made for fun, or it might still be an unfinished product that will be used with harmful intent eventually. One thing is for sure – despite the presence of a free decryption option, the GoRansom Ransomware is a dangerous threat that is fully capable of harming your files.
The GoRansom Ransomware's Message Contains Free Decryption Tutorial
The file types that the GoRansom Ransomware targets are very diverse – text files, Microsoft Office files, Adobe projects, videos, pictures, archives, databases, etc. If the ransomware locks a file successfully, it will add the ‘.gore' extension to its name, an action typical for most ransomware. Another change that the GoRansom Ransomware brings is the creation of a ransom note called ‘GoRansom.txt' – usually, this file contains contact details and payment instructions, but in the case of the GoRansom Ransomware it provides the victim with decryption instructions. Unlike many other file-lockers, the GoRansom Ransomware does not take any actions to disable Windows features or wipe out system restore points.
There is no data about the author of the GoRansom Ransomware so that it is impossible to say if their intentions were to test their ransomware development skills, or if they plan to the GoRansom Ransomware for evil deeds in the future. Even if the GoRansom Ransomware is not meant to cause long-term harm, there are many other file-lockers that you must protect your computer from by using a state-of-the-art anti-virus product.
