Sunjn is ransomware that targets its victims by encrypting their files and altering the filenames. The altered filenames include a unique identifier assigned to each victim, the email address of the cybercriminals, and a '.sunjn' extension. For instance, if a file were named "1.jpg" initially, after encryption, it would appear as '1.png.[ID STRING].(Sunjun3412@onionmail.org).sunjn." Once the encryption process is complete, the ransomware leaves a ransom-demanding message in the form of a file called "Decryption-guide.txt" on the desktop of the breached device.
Sunjn Ransomware's Demands
Sunjn's ransom-demanding message informs victims that their files have been encrypted and locked and are now inaccessible. The message warns against attempting to modify or rename the encrypted files, using third-party decryption tools, or reinstalling the operating system, as these actions could result in permanent data loss. The note includes instructions on how to contact the attackers by email ('Sunjun3412@onionmail.org' and 'Sunjun3416@zohomail.com'), who are the only ones capable of providing the necessary decryption keys.
In the case of ransomware attacks, it is typically not possible to restore the affected data without the intervention of the cybercriminals responsible for the attack. Attempts to decrypt the files by other means are often unsuccessful and could damage the files.
Paying Cybercriminals is not Recommended
There are several reasons why paying any amount of money or meeting any of the demands made by cybercriminals should be avoided. First, receiving payments from their victims will further encourage the attackers to continue with their criminal activity. This may mean future ransomware attacks that could cause even bigger financial losses.
The second reason is that even if victims pay the asked amount, there is still no guarantee of successful decryption. The attackers may not provide the decryption keys or may provide keys that don't work, leaving the victims with no way to access their encrypted files and no means of recovery.
The full ransom note dropped by the Sanjn Ransomware is:
'Your Files Are Has Been Locked
Your Files Has Been Encrypted with cryptography Algorithm
If You Need Your Files And They are Important to You, Dont be shy Send Me an Email
Send Test File + The Key File on Your System (File Exist in C:/ProgramData example : RSAKEY-SE-24r6t523 pr RSAKEY.KEY) to Make Sure Your Files Can be Restored
Get Decryption Tool + RSA Key AND Instruction For Decryption Process
1- Do Not Rename or Modify The Files (You May loose That file)
2- Do Not Try To Use 3rd Party Apps or Recovery Tools ( if You want to do that make an copy from Files and try on them and Waste Your time )
3-Do not Reinstall Operation System(Windows) You may loose the key File and Loose Your Files
Your Case ID :
OUR Email :Sunjun3412@onionmail.org
in Case of no answer: Sunjun3416@zohomail.com'