KillBot_Virus Ransomware
The KillBot_Virus Ransomware is a file encoder Trojan that was discovered in the third week of January 2018. The KillBot_Virus Ransomware Trojan was uploaded to an online security platform by its author. The idea behind the move is that threat authors often upload copies of their product to public security scanners to measure how many AV shields may block it. The first samples of the KillBot_Virus Ransomware suggest it is still under development.
Lab tests of the KillBot_Virus Ransomware revealed that the Trojan does not encrypt data yet. The test machines infected with KillBot_Virus allowed researchers to find that the KillBot_Virus Ransomware is using the name 'KillBot.Prime' on the ransom message. That is why some AV companies may refer to the KillBot_Virus Trojan as KillBot.Prime Ransomware. The initial version of the KillBot_Virus Ransomware might not encipher data, but it can receive updates that address this flaw. It is possible the threat authors behind the KillBot.Prime project may have crippled the sample made available to cybersecurity researchers deliberately so that the encryption procedure remains a secret and prevent a successful reverse-engineering. Either way, the KillBot_Virus Ransomware is likely to target photos, music, videos, databases, office documents, PDFs and eBooks. The ransom note is loaded as an image file, which offers the following text:
'Cops your important data was encrypted with an AES encryption algorithm!!
If you see this banner then all of your important files have been encrypted and the executable format files were infected
What is this? Killbot is a virus that encrypts files and data and infects them As you became it's victim please make sure to read all the info below.
WARNING!: THIS IS NOT SOME JOKES EVERYTHING IS REAL! ALSO DO NOT TRY TO CLOSE OR EVEN DELETE THE SOFTWARE IF YOU DO YOUR PC WILL BE DESTROYED!
Your files cannot be restored, however, there are some steps to follow if you don't want it on your computer.
Step 1: Please get a windows reinstallation CD and reinstall windows on your computer. Step 2: Get a powerful antivirus software and update it to the latest version.
Please do everything as it was written if you want to get your PC back
The best way to secure your data against threats like the KillBot.Prime Ransomware, the Krypton Ransomware, and the MoneroPay Ransomware is to integrate a backup manager and run a trusted cybersecurity product. You may want to consider buying a portable HDD device and a flash drive to store your backup securely. AV engines support detection rules for the KillBot_Virus Ransomware and might flag its related files as:
- Mal/MSIL-BA
- TROJ_GEN.R002H09AC18
- Trojan.MSIL.Krypt.4
- Win32/Trojan.385
- malicious (high confidence)
- malicious.1b8fb7
- malware (ai score=85)
- static engine - malicious
SpyHunter Detects & Remove KillBot_Virus Ransomware
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | file.exe | 7379f368bcbd258116b4b82a741814e4 | 0 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.