Ransomware Ransomware Description

The Ransomware is an Encryption Trojan that is designed to infect server systems and prioritize the encryption of databases. The Ransomware may be propagated via corrupted links, spam mail and compromised RDP (Remote Desktop Protocol) connections. The Ransomware may be introduced to protected machines via a Trojan-Dropper like Gamarue. Researchers note that the Ransomware is not an original cryptomalware and is a derivative of the Troldesh Ransomware.

The Ransomware uses a public key to encrypt the user's data, and you will need the private decryption key to unlock objects with the .id-[eight random characters] As stated above, the Ransomware is used in attacks on server networks predominantly and may encode the following data containers:


For example, storesales_au_2016.db will con encoded to The threat actors behind the Ransomware do not bother to release a decryption tool, and you may not get your data back. If you have a good server policy, you should be able to recover from backup drives. Remember to change the passwords and network connections to your network and avoid infection with the Ransomware in the future. Do not miss to incorporate a reputable anti-malware shield to protect your server machines as well.

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.