HugeMe Ransomware

HugeMe Ransomware Description

The HugeMe Ransomware is a ransomware Trojan that is based on the EDA2, an open source ransomware Trojan that was first released for 'educational purposes.' Since then, this project has spawned numerous threats like the HugeMe Ransomware, which carry out real, devastating attacks on computer users. The HugeMe Ransomware was first observed on February 9, 2017, and it is capable of carrying out effective ransomware attacks on both 32-bit and 64-bit versions of Windows from Windows XP up to Windows 10.

The Ransomware with a Megalomaniac Name

The HugeMe Ransomware carries out a typical ransomware infection. The HugeMe Ransomware enters a computer through illegitimate means and encrypts the victim's files, then demands the payment of a ransom to receive the means to decrypt the affected files. As soon as the HugeMe Ransomware enters a computer, the HugeMe Ransomware will search for files with the following extensions and use a strong encryption algorithm to encrypt them, making them inaccessible:

.1cd, .3d, .3d4, .3df8, .3fr, .3g2, .3gp, .3gp2, .3mm, .7z, .aac, .abk, .abw, .ac3, .accdb, .ace, .act, .ade, .adi, .adpb, .adr, .adt, .ai, .aim, .aip, .ais, .amf, .amr, .amu, .amx, .amxx, .ans, .ap, .ape, .api, .arc, .ari, .arj, .aro, .arr, .arw, .asa, .asc, .ascx, .ase, .asf, .ashx, .asmx, .asp, .asr, .avi, .avs, .bak, .bay, .bck, .bdp, .bdr, .bib, .bic, .big, .bik, .bkf, .blp, .bmc, .bmf, .bml, .bmp, .boc, .bp2, .bp3, .bpl, .bsp, .cag, .cam, .cap, .car, .cbr, .cbz, .cc, .ccd, .cch, .cd, .cdr, .cer, .cfg, .cgf, .chk, .clr, .cms, .cod, .col, .cp, .cpp, .cr2, .crd, .crt, .crw, .cs, .csi, .cso, .ctt, .cty, .cwf, .dal, .dap, .dbb, .dbf, .dbx, .dcp, .dcr, .dcu, .ddc, .ddcx, .dem, .der, .dev, .dex, .dic, .dif, .dii, .dir, .disk, .divx, .diz, .djvu, .dmg, .dng, .dob, .doc, .docm, .docx, .dot, .dotm, .dotx, .dox, .dpk, .dpl, .dpr, .dsk, .dsp, .dvd, .dvi, .dvx, .dwg, .dxe, .dxf, .dxg, .elf, .eps, .eql, .erf, .err, .euc, .evo, .ex, .exif, .f90, .faq, .fcd, .fdr, .fds, .ff, .fla, .flp, .flv, .for, .fpp, .gam, .gif, .grf, .gthr, .gz, .gzig, .h3m, .h4r, .htm, .html, .idx, .img, .indd, .ink, .ipa, .isu, .isz, .itdb, .itl, .iwd, .jar, .jav, .java, .jc, .jfif, .jgz, .jif, .jiff, .jpc, .jpeg, .jpf, .jpg, .jpw, .js, .kdc, .kmz, .kwd, .lbi, .lcd, .lcf, .ldb, .lgp, .log, .lp2, .ltm, .ltr, .lvl, .mag, .man, .map, .max, .mbox, .mbx, .mcd, .md3, .mdb, .mdf, .mdl, .mdn, .mds, .mef, .mic, .mip, .mlx, .mod, .moz, .mp3, .mp4,.mpeg, .mpg, .mrw, .msg, .msp, .mxp, .nav, .ncd, .nds, .nef, .nfo, .now, .nrg, .nri, .nrw, .odb, .odc, .odf, .odi, .odm, .odp, .ods, .odt, .oft, .oga, .ogg, .opf, .orf, .owl, .oxt, .p12, .p7b, .p7c, .pab, .pak, .pbf, .pbp, .pbs, .pcv, .pdd, .pdf, .pef, .pem, .pfx, .php, .pkb, .pkh, .pl, .plc, .pli, .pm, .png, .pot, .potm, .potx, .ppd, .ppf, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prc, .prt, .psa, .psd, .pst, .ptx, .puz, .pwf, .pwi, .pxp, .qbb, .qdf, .qel, .qif, .qpx, .qtq, .qtr, .r3d, .ra, .raf, .rar, .raw, .res, .rev, .rgn, .rng, .rrt, .rsrc, .rsw, .rte, .rtf, .rts, .rtx, .rum, .run, .rv, .rw2, .rwl, .sad, .saf, .sav, .scm, .scn, .scx, .sdb, .sdc, .sdn, .sds, .sdt, .sen, .sfs, .sfx, .sh, .shar, .shr, .shw, .slt, .snp, .so, .spr, .sql, .sqx, .sr2, .srf, .srt, .srw, .ssa, .std, .stt, .stx, .sud, .svi, .svr, .swd, .swf, .tar, .tax2013, .tax2014, .tbz2, .tch, .tcx, .text, .tg, .thmx, .tif, .tlz, .tpu, .tpx, .trp, .tu, .tur, .txd, .txf, .txt, .uax, .udf, .umx, .unr, .unx, .uop, .upoi, .url, .usa, .usx, .ut2, .ut3, .utc, .utx, .uvx, .uxx, .val, .vc, .vcd, .vdo, .ver, .vhd, .vmf, .vmt, .vsi,.vtf, .w3g, .w3x, .wad, .war, .wav, .wave, .waw, .wb2, .wbk, .wdgt, .wks, .wm, .wma, .wmd, .wmdb, .wmmp, .wmv, .wmx, .wow, .wpd, .wpk, .wpl, .wps, .wsh, .wtd, .wtf, .wvx, .x3f, .xl, .xla, .xlam, .xlc, .xlk, .xll, .xlm, .xlr, .xls, .xlsb, .xlsm, .xlsx, .xltx, .xlv, .xlwx, .xpi, .xpt, .xvid, .xwd, .yab, .yps, .z02, .z04, .zap, .zip, .zipx, .zoo.

Unlike other ransomware Trojans, the HugeMe Ransomware does not rename the affected files. They will simply refuse to open since Windows will no longer recognize their contents. The HugeMe Ransomware delivers its ransom note in the form of text files named 'DECRYPT.TXT,' 'DECRYPT_ReadMe.TXT.ReadMe' and 'DECRYPT_ReadMe1.TXT.ReadMe' that will be dropped on the victim's Desktop and in the Documents directory. The HugeMe Ransomware's ransom note reads as follows:

'All your files encrypted with strong encryption.
To unlock your files you must pay 1 bitcoin to address:
1GvQ9GsMgwAUz91PKNpAJxrAwsztg1S7jy
Search google for how to buy and send bitcoin.
After you send the bitcoin email to :
myqjs01@gmail.com
olv100@mail.ru
vegeta85@safe-mail.net
use all email to communicate with the information of username and pcname and the time you send bitcoins.
When we will confirme the transaction you will receive decryption key and decryption program.
You have 5 days to make transaction after that your decryption key will be deleted. And your files gone forever.'

Dealing with the HugeMe Ransomware

The HugeMe Ransomware has already claimed victims through the activity of the BitCoin address associated with the attack. Computer users should avoid paying the HugeMe Ransomware ransom. Paying this ransom allows the people responsible for the HugeMe Ransomware to continue carrying out these attacks on unsuspecting victims. Paying also does not guarantee that the con artists will deliver the decryption key that is necessary to recover the affected files. Instead, you should take preventive measures, such as creating backup copies of all files regularly.

Infected with HugeMe Ransomware? Scan Your PC for Free

Download SpyHunter's Spyware Scanner
to Detect HugeMe Ransomware
* SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 14 + 2 ?