Stroman Ransomware
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 4,575 |
| Threat Level: | 80 % (High) |
| Infected Computers: | 6,143 |
| First Seen: | October 17, 2017 |
| Last Seen: | September 20, 2023 |
| OS(es) Affected: | Windows |
The Stroman Ransomware is an encryption ransomware Trojan, which takes victims' files hostage to demand ransom in exchange for the captured files. The Stroman Ransomware uses a strong encryption method to make the victim's files inaccessible, and marking the compromised files with the file extension '.stroman.' The people responsible for the Stroman Ransomware attack demand a ransom of $500 so that a decryption key the victim needs to restore the affected files can be provided. The Stroman Ransomware was first observed being used to carry out attacks on October 12, 2017. It seems that the most common way of delivering the Stroman Ransomware to victims is through the use of compromised spam email attachments. The victims of the Stroman Ransomware attack will receive an email message with an attached file and a social engineering element designed to trick the victim into opening the file attachment. The Stroman Ransomware, when opened, is downloaded and installed on the victim's computer.
What is the Purpose of a Stroman Ransomware Attack
PC security researchers have determined that the Stroman Ransomware is an independent threat, not a part of a wider family of ransomware Trojans or a ransomware as a service (RaaS) apparently. Although there are many similarities between the Stroman Ransomware and ransomware Trojans from established families such as EDA2 and HiddenTear, the Stroman Ransomware does not seem to be related to these threats directly. Like most ransomware Trojans, the Stroman Ransomware will scan the victim's computer for the user-generated files, using a blend of the RSA and AES encryptions to make their contents inaccessible. The Stroman Ransomware targets a wide variety of file types. The Stroman Ransomware targets the same file types favored by similar threats, which include:
.aif, .apk, .arj, .asp, .bat, .bin, .cab, .cda, .cer, .cfg, .cfm, .cpl, .css, .csv, .cur, .dat, .deb, .dmg, .dmp, .doc, .docx, .drv, .gif, .htm, .html, .icns, .iso, .jar, .jpeg, .jpg, .jsp, .log, .mid, .mp3, .mp4, .mpa, .odp, .ods, .odt, .ogg,.part, .pdf, .php, .pkg, .png, .ppt, .pptx, .psd, .rar, .rpm, .rss, .rtf, .sql, .svg, .tar.gz, .tex, .tif, .tiff, .toast, .txt, .vcd, .wav, .wks, .wma, .wpd, .wpl, .wps, .wsf, .xlr, .xls, .xlsx, .zip.
The Stroman Ransomware will search for files with the extensions listed above and then encrypt their contents and add the file extension '.stroman' to the end of their file names. The Stroman Ransomware will drop a text file named 'readinfo.txt' on the infected computer after encrypting the victim's files. This file will display the following text on the victim's computer:
'All your data set are encrypted.
We can help decrypted files.
Price for full decrypt all files 500$
You will get decrypt soft + personal key + manual.
For recover your files - contact us email:
BM-2cUunjtSxYEd6Ase6hbhVyvMBVzXPUVdvu@bitmessage.ch
Please use public email for contact: gmail etc.
For you to be sure, that we can decrypt your files
You can send us 1-2 encrypted files and we will send back it in a decrypt format FREE.
For download files use only dropmefiles.com not more then 10 Mb
Send us an email:
1.your Personal ID
2.link dropmefiles.com
after wait decrypted files and further instructions.
Personal ID:
[RANDOM CHARACTERS]
Do not rename encrypted files
Do not try to decrypt your data using third party software, it cause pernament data loss
Not use false encryption key, it cause pernament data loss'
Dealing with a Stroman Ransomware Infection
PC security researchers are against paying the Stroman Ransomware ransom or following the instructions in the Stroman Ransomware ransom note. Rather than paying the ransom, computer users should take precautionary measures to ensure that their data is protected from these attacks. The best protection against the Stroman Ransomware and similar threats is to have file backups of your data. Having backup copies of your files means that computer users can recover from a Ransomware attack quickly.
