RunExeMemory Ransomware
RunExeMemory belongs to the class of malware threats classified as ransomware. These threats are designed to block users from accessing their own files and then extorting the victims for money in exchange for the restoration of the data. Ransomware threats deploy an encryption routine with an uncrackable cryptographic algorithm that renders all affected files unusable. All of the most widely used file types are targeted - PDFs, MS Office documents, archives, databases, photos, etc.
RunExeMemory Ransomware follows the same blueprint - it encrypts the user's files and modifies their names by appending a random string of characters as a new file extension. The threat will then proceed to drop its ransom note containing instructions from the hackers. The note will be delivered in the form of text files named 'Read me, if you want to recover your files.txt.'
Usually, the instructions provide some kind of a communication channel such as an email address or a dedicated website that the threat's victims can use to contact the hackers and begin the negotiation process. RunExeMemory Ransomware, however, doesn't have such information in its note. There is also a lack of a cryptocurrency wallet address where the victims are supposed to send the ransom. When the ransom note lacks such important details, it is usually a sign that the current run of the ransomware is carried out mostly with testing purposes in preparation for the real attack campaign. There is also the fact that at least for the moment, RunExeMemory Ransomware asks its victims to pay the sum of 539 BTC (Bitcoin), which amounts to more than $34 million at the current price of the Bitcoin cryptocurrency. Such an exorbitant price is more than likely just a placeholder.
Unfortunately, victims of RunExeMemory Ransomware are left with few viable options. The best chance of getting your files back is to restore them from a backup that was created before the ransomware had infiltrated the computer system. Use a professional anti-malware solution to remove RunExeMemory before you restore the files or you risk getting them encrypted all over again.
RunExeMemory Ransomware's note is:
'Restoring all files on your network -> 539 BTC
It's your identifier:
We will contact you ourselves
*If you don't pay us, then expect a wave of DDoS attacks.'
