Sad Computer Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 100 % (High) |
Infected Computers: | 3 |
First Seen: | April 16, 2019 |
Last Seen: | June 22, 2022 |
OS(es) Affected: | Windows |
The Sad Computer Ransomware Trojan is an encryption ransomware Trojan released in April 2019. In September 2017, a previous ransomware Trojan was released with the same name. There is no relation between this new ransomware variant and the previously released threat. This version of the Sad Computer Ransomware uses an encryption algorithm to make the victim's files inaccessible, then demand a ransom from the victim in exchange for the decryption key needed to restore the affected data.
How the Sad Computer Ransomware Attacks Your Machine
Like most encryption ransomware Trojans, the Sad Computer Ransomware targets the user-generated files in its attack. The Sad Computer Ransomware makes these files inaccessible. The files encrypted by the Sad Computer Ransomware attack are marked with the file extension '.sad,' which it will add to each file's name. Most encryption ransomware Trojans target files with the following file extensions:
.jpg, .jpeg, .raw, .tif, .gif, .png, .bmp, .3dm, .max, .accdb, .db, .dbf, .mdb, .pdb, .sql, .dwg, .dxf, .cpp, .cs, .h, .php, .asp, .rb, .java, .jar, .class, .py, .js, .aaf, .aep, .aepx, .plb, .prel, .prproj, .aet, .ppj, .psd, .indd, .indl, .indt, .indb, .inx, .idml, .pmd, .xqx, .xqx, .ai, .eps, .ps, .svg, .swf, .fla, .as3, .as, .txt, .doc, .dot, .docx, .docm, .dotx, .dotm, .docb, .rtf, .wpd, .wps, .msg, .pdf, .xls, .xlt, .xlm, .xlsx, .xlsm, .xltx, .xltm, .xlsb, .xla, .xlam, .xll, .xlw, .ppt, .pot, .pps, .pptx, .pptm, .potx, .potm, .ppam, .ppsx, .ppsm, .sldx, .sldm, .wav, .mp3, .aif, .iff, .m3u, .m4u, .mid, .mpa, .wma, .ra, .avi, .mov, .mp4, .3gp, .mpeg, .3g2, .asf, .asx, .flv, .mpg, .wmv, .vob, .m3u8, .dat, .csv, .efx, .sdf, .vcf, .xml, .ses, .qbw, .qbb, .qbm, .qbi, .qbr , .cnt, .des, .v30, .qbo, .ini, .lgb, .qwc, .qbp, .aif, .qba, .tlg, .qbx, .qby , .1pa, .qpd, .txt, .set, .iif, .nd, .rtp, .tlg, .wav, .qsm, .qss, .qst, .fx0, .fx1, .mx0, .fpx, .fxr, .fim, .ptb, .ai, .pfb, .cgn, .vsd, .cdr, .cmx, .cpt, .csl, .cur, .des, .dsf, .ds4, , .drw, .eps, .ps, .prn, .gif, .pcd, .pct, .pcx, .plt, .rif, .svg, .swf, .tga, .tiff, .psp, .ttf, .wpd, .wpg, .wi, .raw, .wmf, .txt, .cal, .cpx, .shw, .clk, .cdx, .cdt, .fpx, .fmv, .img, .gem, .xcf, .pic, .mac, .met, .pp4, .pp5, .ppf, .nap, .pat, .ps, .prn, .sct, .vsd, .wk3, .wk4, .xpm, .zip, .rar.
Once the Sad Computer Ransomware has encrypted the victim's files, it delivers a showy ransom note claiming that the victims' files have become completely lost and demanding a ransom payment. The Sad Computer Ransomware ransom note contains several options for payment and claims that the victim has a deadline of only five minutes to avoid losing all the files permanently. Computer users are urged to refrain from following the instructions in the Sad Computer Ransomware ransom note, and there is no urgency to paying the Sad Computer Ransomware ransom.
Dealing with a Sad Computer Ransomware Infection
It is never a good idea to pay the ransom demanded by these threats, even though it may be impossible to restore the files compromised by the ransomware attack. This is, however, not the case with the Sad Computer Ransomware and the files encrypted by the Sad Computer Ransomware attack are very easy to decrypt. This is not what happens with most encryption ransomware Trojans, though, and computer users are strongly advised to take the following protections to ensure that their data is safe from other threats that carry out a similar attack but with a stronger encryption method:
- Computer users should have backup copies of their files stored in a secure location.
- Computer users should use a reliable security program that is fully up-to-date to scan their PCs and intercept threats like the Sad Computer Ransomware before they carry out their attacks.
- Threats like the Sad Computer Ransomware are often distributed via corrupted spam email attachments, and computer users should treat this content with extreme suspicion.