Spartacus Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 4 |
| First Seen: | April 16, 2018 |
| Last Seen: | April 16, 2021 |
| OS(es) Affected: | Windows |
The Spartacus Ransomware is an encryption ransomware Trojan that is used to extort inexperienced computer users. The Spartacus Ransomware was first observed on April 15, 2018, and is used to take the victims' files hostage to demand ransom payments from its victims. The Spartacus Ransomware is delivered using spam email attachments. Threats like the Spartacus Ransomware are used to generate revenue at the expense of computer users, and it is important to take steps to ensure that your files are safe from these threats.
Table of Contents
How the Spartacus Ransomware Carries out Its Attack
The Spartacus Ransomware runs as 'SF.exe' on an infected computer. The Spartacus Ransomware will use strong encryption algorithms to make the victims' files unusable and will remove any other possible file recovery mechanisms, such as the Shadow Volume Copies and the System Restore points. When the Spartacus Ransomware encrypts a file, it will be marked with the file extension '.Spartacus,' and may include the con artists' contact email between brackets, often resembling the string '[MastersRecovery@protonmail.com].Spartacus.' The Spartacus Ransomware will encrypt a wide variety of file types, which may include the following:
.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.
The Spartacus Ransomware’s Ransom Demand
The Spartacus Ransomware will demand a ransom payment by dropping a text file onto the victim's computer. This text file, named 'READ ME.txt,' will be dropped on the infected computer's desktop and will contain the following message:
'All your files have been encrypted!
All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us the e-mail:
MastersRecovery@protonmail.com and send personal ID KEY:
[48 RANDOM CHARACTERS]
In case of no answer in 24 hours us to theese e-mail: MastersRecovery@cock.li
You have to pay for decryption in Bitcoins. The price depends on how you write to us. After payment we will send you the decryption tool that will decrypt all your files.
Free decryption as quarantee
Before paying can send us up to 5 files for free decryption. Total size of file must be less than 10Mb (non archived), and files should not contain valuable information (databases, backups, large excel sheets, etc.)
How to obtain Bitcoins
The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click "Buy bitcoins", and select the seller by payment method and price.
xxxxs://localbitcoins.com/buy_bitcoins
Also you can find other places to buy Bitcoins and beginners guide here:
xxxxs://www.coindesk.com/information/how-can-i-buy-bitcoins/
Attention!
Do not rename encrypted files.
Do not try decrypt your data using party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.'
The Spartacus Ransomware Trojan's ransom note provides recovery instructions. However, affected users shouldn't follow it and, instead, take precautions to limit the extent of the damage resulting from a Spartacus Ransomware infection. The best precaution against threats like the Spartacus Ransomware is to have file backups and a strong anti-malware program that is fully up-to-date.
SpyHunter Detects & Remove Spartacus Ransomware
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | ef25bdbcf05fa478df3ddc5f4f717c070e443da04cfc590d44409c815f237cb3 | 25dee2e70c931f3fa832a5b189117ce8 | 1 |
| 2. | file.exe | f31d6529ff4ad98053f9a8a9832f95e3 | 0 |
