Threat Database Ransomware Kee Ransomware

Kee Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 1
First Seen: May 17, 2017
OS(es) Affected: Windows

The Kee Ransomware is a ransomware Trojan that, like other ransomware Trojans, encrypts its victims' files and then displays a message from the Kee Ransomware's creator. However, unlike most other ransomware Trojans that demand a ransom payment in BitCoins, the Kee Ransomware does not ask for money or provide any way of recovering the victim's data. The Kee Ransomware looks to destroy the victim's data explicitly, rather than pretending to offer the possibility of recovery, as various other ransomware Trojans do.

Game Affectionate PC Users may Allow the Entrance of the Kee Ransomware Mistakenly

The Kee Ransomware may be delivered to victims by disguising itself as a legitimate program. One version of the Kee Ransomware has been observed in the wild disguised as an installer for a free game. The Kee Ransomware also may be included in spam email messages that will use corrupted scripts to download and install threats onto the victim's computer. When the Kee Ransomware is being installed, the victim will be presented with a prompt from the Windows User Account Control, which could help prevent the Kee Ransomware infection. Computer users that ignore this alert and click on OK allow the Kee Ransomware to carry out its attack, losing their files in the process.

Once the Kee Ransomware has been installed on the victim's computer, it will encrypt the victim's files. The Kee Ransomware will mark the encrypted files with the file suffix '@kee,' added to each file's name after the extension. The Kee Ransomware targets the following file types in its attack:

.gif, .jpeg, .jpg, .mov, .mp3, .mp4, .png, .txt, .wav, .wmv.

The Kee Ransomware uses a strong encryption algorithm to make the files unreachable. Once the victim's files have been made unusable, the Kee Ransomware will display a message. This message is contained in a text file titled 'Hello There! Fellow @kee User!.txt.' The Kee Ransomware message contains the following text:

'What exactly happend?
All your Videos, Music, Documents and other files are no longer accessible. I'm sorry to tell you, that there's no way to decrypt your files from this time, wasting your time is currently no good behaviour!
How to get your files back?
Now you're asking yourself how much Bitcoins you have to send to get your files back, well.. None. You simply can't get your files back!
I see that you're surprised. But let's be honest, others are just fake. You send the money.. you get nothing.
I spare you time!
But I'm a good human being!
I don't care what you are. I have nothing against you! it's not just you, it's everyone!
Then what's the matter with the countdown?
Well.. actually there might be a little chance to decrypt your files. But even I don't know how to decrypt something without a key and when the timer runs out, all of your files will be corrupted forever!
And by the way, closing this program won't help you. All files will be corrupted immediately!
Find the kee!'

Dealing with the Kee Ransomware

Unfortunately, the possibility of recovering the files that have been encrypted in the Kee Ransomware attack are nil currently. However, attacks such as the one perpetrated by the Kee Ransomware may be prevented with standard security measures that will limit the damage of a Kee Ransomware infection and mitigate the possible damage caused by this and other ransomware Trojans. The best protection against Trojans like the Kee Ransomware is to make regular backup duplicates of your files on the cloud or a removable memory device. Having the ability to recover the files from a backup copy nullifies the Kee Ransomware attack completely, removing any leverage the extortionists responsible for the Kee Ransomware attack have over the victim. Apart from duplicating the files, computer users also are urged to install an up-to-date security program. This can help prevent the Kee Ransomware from being installed. These measures, coupled with safe handling of online content (especially email attachments and online downloads) can help prevent infections like the Kee Ransomware.

SpyHunter Detects & Remove Kee Ransomware

File System Details

Kee Ransomware may create the following file(s):
# File Name MD5 Detections
1. file.exe 62c2aaf974ea6d5ff2c1af56fa4afe86 1

Related Posts


Most Viewed