Hydrox Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 2 |
| First Seen: | August 5, 2022 |
| OS(es) Affected: | Windows |
The Hydrox Ransomware is a malware threat equipped with a cryptographic algorithm that targets various, different file types. Infected systems will have most of the files stored on them locked and rendered unusable. Typically, ransomware operations are financially-driven, with the attackers trying to extort their victims for money.
When the Hydrox Ransomware encrypts a file, it also appends a new file extension - '.hydrox,' to that file's original name. Among the changes caused by the threat, also will be the appearance of an unfamiliar text file named 'Hydrox Ransomware.txt.' The file contains the threat's ransom note with instructions for its victims. In addition, the default desktop background of the breached device will be substituted with a new image brought by the threat.
Table of Contents
Ransom Note’s Details
According to the threat's ransom-demanding message, the Hydrox Ransomware is capable of locking documents, photos, audio and video files, etc. However, any of the typical details found in the instructions left by the vast majority of ransomware threats are missing here. Indeed, the note doesn't mention any way that allows victims to contact the attackers - there are no emails or accounts for chat clients. The note also states that victims are not required to make any ransom payments because even the hackers cannot restore the data. The message clearly states that the operators of the threat do not have a decryption tool.
Usually, this is a clear indication that the current samples of the threat are being used for testing purposes or that the malware as a whole is still under active development. As such, the Hydrox Ransomware may change its goals and start demanding ransom payments in future attacks and subsequent versions.
The full text of the message left by Hydrox Ransomware is:
'Woops,all your files have been encrypted!
All your important files,like documents,photo,mp4,video and other important stuff are now encrypted by Hydrox Ransomware.
Can i recover my files?
You don’t need to pay to decrypt your files,hydrox doesn’t have a password or a tool for decryption,so don’t try to search the password or crack it 😀
Have fun trying to decrypt your files!'
SpyHunter Detects & Remove Hydrox Ransomware
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | file.exe | b314a1b668732b77498f316ffba5901b | 2 |
