'.lockymap File Extension' Ransomware Description
The '.lockymap File Extension' Ransomware is an encryption ransomware Trojan. The '.lockymap File Extension' Ransomware was first reported in early September of 2018 and carries out a typical version of the encryption ransomware tactic. The '.lockymap File Extension' Ransomware intention is to take the victims' files hostage, as most of these threats do, and then demands a ransom payment from the victim in return for restoring access to the victim's files.
How the '.lockymap File Extension' Ransomware Infects a Computer
The '.lockymap File Extension' Ransomware is delivered to the victim in the form of a corrupted DOCX file attached to a spam email message. This file will contain an embedded macro script that downloads and installs the '.lockymap File Extension' Ransomware onto the victim's computer. Once the '.lockymap File Extension' Ransomware is installed, it will use a strong encryption algorithm to make the victim's files inaccessible. The '.lockymap File Extension' Ransomware will rename all the files it encrypts by its attack by adding the file extension '.lockymap' to the affected file's name. The '.lockymap File Extension' Ransomware's attack targets the user-generated files, which may include files with the following file extensions:
.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.
The '.lockymap File Extension' Ransomware's Ransom Demand
The '.lockymap File Extension' Ransomware demands a ransom payment through a ransom note dropped on the infected machine. This note takes the form of a text file named 'LOCKY-README.txt,' which contains the following text message:
'Please be adviced:
All your files, pictures document and data has been encrypted with Military Grade Encryption RSA ABS-256.
Your information is not lost. But Encrypted.
In order for you to restore your files you have to purchase Decrypter.
Follow this steps to restore your files.
1 Download the Tor Browser. ( Just type in google “Download Tor“
2 Browse to URL : [.ONION domain name]
3 Purchase the Decryptor to restore your files.
It is very simple. If you don't believe that we can restore your files, then you can restore 1 file of image format for free.
Be aware the time is ticking. Price will be doubled every 96 hours so use it wisely.
Your unique ID : [random characters]
Please do not try to modify or delete any encrypted file as it will be hard to restore it.
You can contact support to help decrypt your files for you.
Click on support at h[tt]p://lockysupport[.]club'
Computer users should disregard the '.lockymap File Extension' Ransomware's ransom note and avoid following its instructions. Instead, they can restore any compromised files from a backup copy.