Ssananunak1987@protonmail.com Ransomware
The Ssananunak1987@protonmail.com Ransomware is a ransomware Trojan that carries out a typical version of the encryption ransomware tactic. The Ssananunak1987@protonmail.com Ransomware, like the many other versions of this tactic that exist currently, uses an effectual encryption algorithm to encrypt the victim's files, essentially taking them hostage. The Ssananunak1987@protonmail.com Ransomware then demands a ransom payment by displaying a ransom note on the targeted computer.
Table of Contents
How the Ssananunak1987@protonmail.com Ransomware can Enter a Computer
The Ssananunak1987@protonmail.com Ransomware compromises the victim's files using a technique that makes them easily recognizable because the Ssananunak1987@protonmail.com Ransomware adds the file extension '.excuses' to each file that is encrypted by its attack. The Ssananunak1987@protonmail.com Ransomware asks the victims to contact the criminals via email to obtain the decryption key. The Ssananunak1987@protonmail.com Ransomware is commonly delivered via spam email messages. However, the Ssananunak1987@protonmail.com Ransomware also has been linked to bogus Adobe Flash updates and fake fonts for various Web browsers. The Ssananunak1987@protonmail.com Ransomware's distribution is quite limited, and the Ssananunak1987@protonmail.com Ransomware attacks have not had a wide reach.
How the Ssananunak1987@protonmail.com Ransomware Carries Out Its Attack
The Ssananunak1987@protonmail.com Ransomware uses the AES encryption to make its victim's files inaccessible. The Ssananunak1987@protonmail.com Ransomware seems to target the user-generated files in its infection process. The following are samples of the file types that are targeted by the Ssananunak1987@protonmail.com Ransomware and similar threats:
.3dm, .3g2, .3gp, .7zip, .aaf, .accdb, .aep, .aepx, .aet, .ai, .aif, .as, .as3, .asf, .asp, .asx, .avi, .bmp, .c, .class, .cpp, .cs, .csv, .dat, .db, .dbf, .doc, .docb, .docm, .docx, .dot, .dotm, .dotx, .dwg, .dxf, .efx, .eps, .fla, .flv, .gif, .h, .idml, .iff, .indb, .indd, .indl, .indt, .inx, .jar, .java, .jpeg, .jpg, .js, .m3u, .m3u8, .m4u, .max, .mdb, .mid, .mkv, .mov, .mp3, .mp4, .mpa, .mpeg, .mpg, .msg, .pdb, .pdf, .php, .plb, .pmd, .png, .pot, .potm, .potx, .ppam, .ppj, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .prel, .prproj, .ps, .psd, .py, .ra, .rar, .raw, .rb, .rtf, .sdf, .sdf, .ses, .sldm, .sldx, .sql, .svg, .swf, .tif, .txt, .vcf, .vob, .wav, .wma, .wmv, .wpd, .wps, .xla, .xlam, .xll, .xlm, .xls, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml, .xqx, .xqx, .zip.
The Ssananunak1987@protonmail.com Ransomware also has been observed to add a longer file extension that may include the Ssananunak1987@protonmail.com Ransomware's contact email in the changed file name, apart from the file extension '.excuses.' Once the Ssananunak1987@protonmail.com Ransomware has encrypted the victim's files, the Ssananunak1987@protonmail.com Ransomware delivers its ransom demand in a text file named 'Readme.txt' that is written in Russian entirely. Below we added a translation into English of the Ssananunak1987@protonmail.com Ransomware ransom note:
'Your files were encrypted with AES-256.
Ask how to restore your files by email ssananunak1987@protonmail[.]com
Use only gmail.com, yahoo.com, protonmail.com.
Messages written from other mail services we can not get.
We always respond to messages. If there is no answer within 24 hours, then write us with another email service.
[OR]
If within 24 hours you have not received a response, you need to follow the following instructions:
a) Download and install TOR browser: https://www.torproject[.]org/download/download-easy.html.en
b) From the TOR browser, follow the link: torbox3uiot6wchz.onion
c) Register your e-mail (Sign Up)
d) Write us on e-mail: ssananunak1987@torbox3uiot6wchz[.]onion
ATTENTION: e-mail (ssananunak1987@torbox3uiot6wchz[.]onion) accepts emails, only with e-mail registered in the TOR browser at torbox3uiot6wchz.onion
Any actions on your part over encrypted files can damage them. Be sure to make backups!
In the message write us this ID:
[base64 string]'
Dealing with the sananunak1987@protonmail.com Ransomwar
Malware analysts advise computer users to avoid contacting the criminals responsible for the Ssananunak1987@protonmail.com Ransomware or following the instructions in the Ssananunak1987@protonmail.com Ransomware's ransom note. Instead, malware analysts advise computer users to take preventive measures against this attack. The Ssananunak1987@protonmail.com Ransomware itself can be removed with a reliable security program that is fully up-to-date. The affected files should then be recovered with backup copies. Because of this, file backups stored on the cloud or an external memory device are the best protection against the Ssananunak1987@protonmail.com Ransomware and the many other encryption ransomware Trojans that are in use currently.
