
Shrug2 Ransomware

By GoldSparrow in Ransomware

The Shrug2 Ransomware is a generic file encryption Trojan that was categorized as a new version of the Shrug Ransomware on July 18th, 2018. The Shrug2 Ransomware is identical to the original threat except for a new 'Command and Control' server configuration and a new extension added to the file names. The payload is delivered to users via spam emails and corrupted Microsoft Word files. The cyber-threat is known to encrypt images, video, audio, text, eBooks, and databases saved on local storage. Fortunately, the threat can't spread to computers on the same network, but it deletes the Shadow Volume snapshots to prevent easy recovery. The Shrug2 Ransomware is programmed to run files through an AES cipher and append the '.SHRUG2' extension as a marker. For example, 'Dance With The Dead-Her Ghost.mp3' is renamed to 'Dance With The Dead-Her Ghost.mp3.SHRUG2'. The user-generated content becomes unreadable, and a ransom message is shown on the screen. The Shrug2 Ransomware produces a program window titled 'ShrugDecryptor' and advertises decryption services with the following text:

'Ooops! Your files have been encrypted
Are you proud of me,
papa WannaCry?
momma NotPetya?

What happened?
Your important files have been encrypted. Many of your documents, pictures, videos, databases, scripts, codes, presentations are no longer accessible because they have been encrypted. Maybe you're busy looking for a way to recover your stuff but don't waste your time. Nobody can do that without our decryption service.
Can I recover my files?
Of course! We guarantee that you can recover all your files safely and quickly. But you don't have too much time. If you want to decrypt everything, you will need to pay. You only have 3 days to submit the payment otherwise all your files will be PERMANENTLY deleted. Lost. Forever.
Payment is accepted in Bitcoin only.
Send $70 worth of Bitcoin to:
1Hr1grgH9ViEgUx73iRRJVKH3PFjUtenx'

The 'ShrugDecryptor' is presented as a mockery of the WannaCry and NotPetya Ransomware, but it should not be taken lightly. Users are advised to remove threats like the Shrug2 Ransomware with the help of a credible anti-malware product. Paying money to the people behind the Shrug2 Ransomware is not a good idea, as you may not receive the 'ShrugDecryptor' program. Backup images, backup storage units, and services like Dropbox can help PC users and server administrators alike to remedy security incidents that involve crypto-threats. Detection names that AVs may use in reference to the Shrug2 Ransomware include the following:

Artemis!04112AEC4740
Generic.Ransom.Hiddentear.A.B8BBD7A8
ML.Attribute.HighConfidence
Ransom.Genasom!8.293 (CLOUD)
TROJ_GEN.R002H09GC18
TR/Hiddenrear.agdsy
Trojan.Ransom.Shrug
W32/GenBl.04112AEC!Olympus
Win32/Trojan.Hoax.4a4
malicious_confidence_70% (D)
malware (ai score=97)
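Because Shrug2 marks every encrypted file with the '.SHRUG2' extension and leaves the original name in front of it, an incident responder can quickly inventory the damage and build the list of files to restore from backup. The following Python script is an added triage example written for this page; it is not code from the write-up or from the malware. It walks a directory tree, strips the marker to recover each original file name, and measures the byte entropy of the file head so that a file that was merely renamed (still readable plaintext) can be told apart from one that really holds ciphertext, which sits close to 8 bits per byte. The sample victim directory it builds is constructed for the demonstration; the threshold of 7.5 bits per byte and the 4096-byte sample size are assumptions, not values from the page.

```python
"""Triage helper for an incident involving Shrug2-style '.SHRUG2' marker files.
Added example: not the malware's code and not from the original write-up."""
import math
import tempfile
from collections import Counter
from pathlib import Path
from typing import Dict, List, Optional

MARKER_EXT = ".SHRUG2"      # extension appended by Shrug2, as described in the write-up
ENTROPY_THRESHOLD = 7.5     # assumed cut-off in bits/byte; AES ciphertext is close to 8.0
SAMPLE_BYTES = 4096         # assumed amount of each file to measure


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte over the given sample (0.0 for an empty sample)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((c / total) * math.log2(c / total) for c in Counter(data).values())


def original_name(path: Path) -> Optional[Path]:
    """Recover the pre-encryption name by stripping the marker extension (case-insensitive)."""
    if path.name.lower().endswith(MARKER_EXT.lower()):
        return path.with_name(path.name[: -len(MARKER_EXT)])
    return None


def triage(root: Path) -> List[Dict]:
    """Walk root and report every marked file with its original name and head entropy."""
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        original = original_name(path)
        if original is None:
            continue            # not a marked file, nothing to restore
        with path.open("rb") as fh:
            sample = fh.read(SAMPLE_BYTES)
        entropy = shannon_entropy(sample)
        findings.append({
            "encrypted": str(path),
            "original": str(original),
            "entropy": round(entropy, 3),
            # low entropy under the marker extension means the content is still plaintext
            "looks_encrypted": entropy >= ENTROPY_THRESHOLD,
        })
    return findings


def build_sample_tree(root: Path) -> None:
    """Create a constructed victim directory: one ciphertext-like file, one renamed-only
    file and one untouched file. None of this is real malware output."""
    (root / "music").mkdir()
    # a uniform byte distribution gives exactly 8.0 bits/byte, standing in for AES output
    (root / "music" / "Dance With The Dead-Her Ghost.mp3.SHRUG2").write_bytes(
        bytes(range(256)) * 16)
    # a file that carries the marker but still holds readable text
    (root / "notes.txt.SHRUG2").write_bytes(
        b"meeting notes, nothing encrypted here\n" * 50)
    (root / "README.txt").write_bytes(b"untouched file\n")


def demo() -> List[Dict]:
    """Run the triage over a freshly built sample tree and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        build_sample_tree(root)
        return triage(root)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Point `triage()` at the affected volume instead of the constructed tree to get the restore list; the `original` column is what to look for in backups, and any entry with `looks_encrypted` false deserves a manual check before it is written off as lost.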
