Styx Ransomware

By GoldSparrow in Ransomware

The Styx Ransomware is an encryption ransomware Trojan that was first observed on December 14, 2017. It is designed to infect computers running the Windows operating system. The Styx Ransomware seems to spread through malicious email attachments: Microsoft Word files with embedded macro scripts that download and install the Styx Ransomware onto the victim's computer. Files encrypted by the Styx Ransomware are easy to recognize because it adds the file extension '.styx' to each affected file.

How You Can Know That Your Machine Is Infected with the Styx Ransomware

The Styx Ransomware targets user-generated files, which may include images and a wide variety of document types. The Styx Ransomware will encrypt the following file types on the victims' computers:

.123, .602, .asm, .CSV, .dif, .DOC, .docb, .docm, .docx, .DOT, .dotm, .dotx, .hwp, .mml, .odg, .odp, .ods, .odt, .otg, .otp, .ots, .ott, .pdf, .pot, .potm, .potx, .ppam, .pps, .ppsm, .ppsx, .PPT, .pptm, .pptx, .RTF, .rtf, .sldm, .sldx, .slk, .stc, .std, .sti, .stw, .sxc, .sxd, .sxi, .sxm, .sxw, .txt, .uop, .uot, .wb2, .wk1, .wks, .xlc, .xlm, .XLS, .xlsb, .xlsm, .xlsx, .xlt, .xltm, .xltx, .xlw, .xml.

There are countless ransomware Trojans that are similar to the Styx Ransomware, although it does not seem that the Styx Ransomware is part of a larger family of ransomware Trojans. Some variants of the Styx Ransomware run with the file name 'STX1.2.exe,' which has been observed as early as November 25, 2017, carrying out attacks on victims.

The Styx Ransomware’s Ransom Demands

The people responsible for the Styx Ransomware attack demand a ransom payment of 300 USD from their victims, to be paid through Bitcoin. The Styx Ransomware delivers its ransom note in a text or HTML file. The files that have been associated with the Styx Ransomware's ransom note are:

0_HELP_DECRYPT_FILES.txt
0_HELP_DECRYPT_FILES2.txt
0_HELP_DECRYPT_FILES.html
0_HELP_DECRYPT_FILES2.html

Below is the full text of the Styx Ransomware ransom note, contained in the files listed above:

'Attention!
All of your files have been encrypted by the Styx Ransomware!
----Not your language? USE: https://translate.google.com/----
--------------------------------------------------------------------------------------
All of your files (photos, videos, documents, etc) are encrypted using AES-256 bit encryption
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
Decrypting of your files is only possible with the private key and a decrypt program which is on our secret server.
Decryption of your files will cost you $300 Dollars worth of Bitcoin
Your files will be lost at 12/20/2017 7:12:35 PM, when this date has been passed your files are lost forever.
Please follow these instructions:
1. You can make a payment with Bitcoin, there are many methods to get them.
2. Register a bitcoin wallet or login to one if you already have one, if you don't we recommend http://blockchain.info
3. Purchasing Bitcoins, altought it's not yet easy to buy bitcoins, it's getting simpler every day
Here are our recommendations:
https://localbitcoins.com/ International
https://blockchain.info
https://coincafe.com
https://buy.bitcoin.com/
4. Send 300$ dollars worth of Bitcoins to the address specified below. After sending bitcoins send email to styxsupport@mail2tor.com with your Personal Identifier and your Bitcoin transaction ID
We will send you the decryption key and program after the payment has been confirmed
--------------------------------------------------------------------------------------
YOUR PERSONAL Identifier: [redacted hex]
Bitcoin Address: 15mA1ea42KSRpjYDiEJYjrHCjjMp3Cq3SG
Bitcoin Amount: 300$ dollars worth of Bitcoins
--------------------------------------------------------------------------------------
5. After your payment has been confirmed, you will receive your decryption program and key in 1 hour
to email address that was used in Step 4.'

Dealing with a Styx Ransomware Attack

Computer users are strongly advised to refrain from following the instructions in the Styx Ransomware's ransom note or contacting the people responsible for the Styx Ransomware attack. The best way to recover your data after a Styx Ransomware infection is to restore the affected files from a backup copy. Because of this, backup images or copies kept in protected locations are the best precautionary measure against the Styx Ransomware and the numerous other encryption ransomware Trojans active today.

File System Details

Styx Ransomware may create the following file(s):

#    File Name    MD5                                 Detections
1.   file.exe     d3a28981bf09718ebc54f9cbeaa0eb99    0
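
A triage sketch that sweeps a directory tree for the indicators listed on this page (the '.styx' extension, the four ransom note names, the 'STX1.2.exe' file name and the MD5 above). It is an added example, not part of the original write-up or of any vendor tool; the function names and the report layout are assumptions.

```python
import hashlib
import os
import sys

# Indicators taken from this page (compared in lower case).
ENCRYPTED_EXT = ".styx"
NOTE_NAMES = {
    "0_help_decrypt_files.txt", "0_help_decrypt_files2.txt",
    "0_help_decrypt_files.html", "0_help_decrypt_files2.html",
}
BINARY_NAMES = {"stx1.2.exe"}
KNOWN_MD5 = {"d3a28981bf09718ebc54f9cbeaa0eb99"}


def md5_of(path, chunk=1 << 20):
    """Hash a file in chunks; MD5 is used only to match the published indicator."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def scan_for_styx(root):
    """Walk root and return paths grouped by the indicator they match."""
    report = {"encrypted": [], "notes": [], "binaries": [], "unreadable": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            lower = name.lower()  # Windows file names are case-insensitive
            if lower.endswith(ENCRYPTED_EXT):
                report["encrypted"].append(path)
            elif lower in NOTE_NAMES:
                report["notes"].append(path)
            elif lower.endswith(".exe"):
                try:
                    # Name match first, so hashing is skipped when it is not needed.
                    if lower in BINARY_NAMES or md5_of(path) in KNOWN_MD5:
                        report["binaries"].append(path)
                except OSError:
                    report["unreadable"].append(path)  # locked or access denied
    return report


if __name__ == "__main__":
    result = scan_for_styx(sys.argv[1] if len(sys.argv) > 1 else ".")
    for kind, paths in result.items():
        print(f"{kind}: {len(paths)}")
        for p in paths:
            print(f"  {p}")
```

Run it against a mounted image or a copy of the user profile rather than the live system where possible; the count of 'encrypted' paths gives a quick scope for what has to come back from backup.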
