Priapos Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 2
First Seen: May 26, 2017
Last Seen: October 16, 2019
OS(es) Affected: Windows

The Priapos Ransomware is a ransomware Trojan that carries out a typical ransomware attack: it uses strong encryption algorithms to make the victims' data inaccessible and then demands the payment of a large ransom in exchange for the decryption program that can be used to recover the affected data. The Priapos Ransomware was first observed in the last week of May 2017. It is a standalone ransomware Trojan, created independently of any Ransomware as a Service (RaaS) platform or larger family of threats. However, the Priapos Ransomware has many elements that mimic the messages used by the Globe Ransomware family to demand ransom payments. There is little to differentiate the Priapos Ransomware from the countless other encryption ransomware Trojans that are currently being used to attack computers around the world.

Instead of Protecting the Procreation of Your Files, the Priapos Ransomware Encodes Them

The Priapos Ransomware's first contact with a computer may occur when the computer user opens a spam email message with a file attachment. These file attachments may use corrupted macro scripts to download and execute corrupted code on the victim's computer. In this case, the corrupted script downloads and executes the Priapos Ransomware on the victim's computer. The Priapos Ransomware will encrypt the victim's files, marking each file it encrypts by adding the file extension '.PRIAPOS' to the end of the file's name. The Priapos Ransomware will target files on all local drives, as well as directories shared on the network and external memory devices connected to the victim's computer. In its attack, the Priapos Ransomware will target a wide variety of user-generated file types and avoid files necessary for the operating system to function. This means that the Priapos Ransomware will take hostage work documents, family videos and photos, and other files that could be personally and professionally significant. After encrypting the victim's files, the Priapos Ransomware will deliver its ransom note in the form of an HTA file named 'Instructions!!!.hta,' which includes links that are designed to force computer users into agreeing to the payment of a ransom to recover the affected files. The text that is displayed on the Priapos Ransomware's ransom note reads:

'All your files have been encrypted!
All your files have been encrypted due to a security problem with your PC.
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment we will send you the decryption tool that will decrypt all your files.If you want to restore them, write us to the e-mail
Before paying you can send us up to 1 files for free decryption. The total size of files must be less than 10Mb (non archived), and files should not contain valuable information.
The amount you need to pay to receive your files 1.5(Bitcoin)
How to obtain Bitcoins
• The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click ‘Buy bitcoins', and select the seller by payment method and price.
• Bitcoin: (Visa/MasterCard, QIWI Visa Wallet, Bank Transfer).
1.5 BTC
If I can not connect through the mail, I can not
In the reply letter you will receive a program for decryption.
After starting the decryption program, all your files will be restored.
• Do not try to uninstall the program or run antivirus software
• Attempts to self-decrypt the files will lead to the loss of your data
• Decoders of other users are incompatible with your data, as each user has a unique encryption key'

Dealing with a Priapos Ransomware Infection

The Priapos Ransomware demands a large ransom of 1.5 BitCoin (almost $4000 at the current exchange rate). While this is an amount commonly seen in BitCoin ransom demands, the rapid rise in this currency's value has led to exorbitant ransoms. Paying the Priapos Ransomware ransom is not the right move. Instead, keep file backups so that the encrypted files can be recovered without making any payment to the people responsible for the attack.
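
To scope a restore from backup, the two file-system indicators described above (the '.PRIAPOS' extension and the 'Instructions!!!.hta' note) can be collected with a short triage script. The following is an added example, not part of the original article; the function names and report layout are hypothetical, and it assumes the marked file's modification time approximates when it was encrypted.

```python
import os
import sys
from collections import Counter

# Indicators from the description above (compared case-insensitively).
ENCRYPTED_SUFFIX = ".priapos"           # appended to each encrypted file's name
RANSOM_NOTE_NAME = "instructions!!!.hta"


def original_name(name):
    """Return the pre-encryption file name, or None if the file is not marked."""
    if name.lower().endswith(ENCRYPTED_SUFFIX) and len(name) > len(ENCRYPTED_SUFFIX):
        return name[: -len(ENCRYPTED_SUFFIX)]
    return None


def scan_tree(root):
    """Walk root and summarise the indicators for incident scoping."""
    report = {"restore": [], "notes": [], "by_type": Counter(), "earliest_mtime": None}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower() == RANSOM_NOTE_NAME:
                report["notes"].append(path)
                continue
            orig = original_name(name)
            if orig is None:
                continue
            # Path to pull from a backup taken before the attack.
            report["restore"].append(os.path.join(dirpath, orig))
            report["by_type"][os.path.splitext(orig)[1].lower() or "(none)"] += 1
            try:
                mtime = os.path.getmtime(path)
            except OSError:
                continue  # file vanished or unreadable; still listed above
            # Assumption: the marked file's mtime approximates encryption time,
            # so the earliest one bounds which backup snapshot is still clean.
            if report["earliest_mtime"] is None or mtime < report["earliest_mtime"]:
                report["earliest_mtime"] = mtime
    report["restore"].sort()
    return report


if __name__ == "__main__":
    result = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"{len(result['restore'])} encrypted files, {len(result['notes'])} ransom notes")
    for ext, count in result["by_type"].most_common():
        print(f"  {ext}: {count}")
    print("earliest encrypted-file mtime:", result["earliest_mtime"])
```

Run it against a mounted copy of the affected volume rather than the live system, and choose a backup snapshot older than the reported earliest modification time.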
