Threat Database Ransomware TheDarkEncryptor Ransomware

TheDarkEncryptor Ransomware

By GoldSparrow in Ransomware

TheDarkEncryptor Ransomware is a ransomware Trojan that was first observed in June of 2017. TheDarkEncryptor Ransomware may be distributed using typical ransomware delivery methods, which include the use of corrupted email messages that use file attachments with bad scripts that download and install TheDarkEncryptor Ransomware on the victim's computer. TheDarkEncryptor Ransomware is designed to encrypt computers running the Windows operating system and will run in an executable file named 'RansomWare.exe' on the victim's computer. TheDarkEncryptor Ransomware will use a combination of the AES and RSA encryption to make the victim's files inaccessible. TheDarkEncryptor Ransomware also will delete the Shadow Volume Copies, which could be used by the victim to recover from the attack. TheDarkEncryptor Ransomware takes the victim's files hostage to demand the payment of a large ransom.

A Quick Explanation of the DarkEncryptor Ransomware Infection

TheDarkEncryptor Ransomware will encrypt all files on local drives, as well as on directories shared on external memory devices linked to the affected computer or a network. TheDarkEncryptor Ransomware is themed after the Saw movies, a theme that has been observed in various other ransomware Trojans. The DarkEncryptor Ransomware makes it very easy to identify the files compromised during its attack because the file extension '.tdelf' that will be added to each file's name. The con artist will often release multiple versions of their ransomware Trojans as a way to stay ahead of PC security researchers so that it is likely that new variants of TheDarkEncryptor Ransomware will appear.

TheDarkEncryptor Ransomware’s Ransom Demands

TheDarkEncryptor Ransomware demands the payment of $100 USD in BitCoin to provide the means to recover the affected files. TheDarkEncryptor Ransomware delivers its ransom note in a program window that contains the following message:

'All your files have been encrypted ! (Pictures, documents, music, ...)
That means that you can't get them back unless you buy the decryptor.
To get the decryptor, you need to pay 100 USD in Bitcoin to the address written below.
If you don't have bitcoin, please create a CoinBase account and buy the amount in bitcoins.
Once you've made the payment, it should take up to 45 minutes before your files are going to get decrypted
For more informations about the payment, please read the text file placed on your desktop
Have a nice day !
WARNING: If you kill this programm, you won't get your files back !
IMPORTANT: If you have an antivirus program, disable the real-time protection to prevent it from deleting the decryptor'

TheDarkEncryptor Ransomware will change the infected computer's Desktop image to display a ransom message demanding the payment of a ransom from the victim. This image contains a picture of Jigsaw, from the Saw movies, and contains the following message:

'THE DARK ENCRYPTOR
All your files have been encrypted by THE DARK ENCRYPTOR using a military grade encryption algorithm.
But dont worry ! You can get them backn you just need to pay 100 USD in bitcoin. For more informationst please read the text document placed on your Desktop.
Have a nice day !
WARNING: The price will rise to 350 USD if you don't pay in the next 5 days.'

Protecting Yourself from TheDarkEncryptor Ransomware Completely

Fortunately, protecting your computer and data from TheDarkEncryptor Ransomware is not difficult. The most effective protection against these infections is to have reliable file backups on an external memory device or the cloud. Since the decryption of the files affected by the attack may not be possible, it is important to have the capability to recover these files using a backup copy, which invalidatesTheDarkEncryptor Ransomware attack and removes any need to pay the ransom to recover the affected data. File backups, coupled with a reliable security program, are the best protective measure against TheDarkEncryptor Ransomware and similar threats.

SpyHunter Detects & Remove TheDarkEncryptor Ransomware

File System Details

TheDarkEncryptor Ransomware may create the following file(s):
# File Name MD5 Detections
1. file.exe 2247240f7b7f2885a9cb21efe1c25a44 0

Trending

Most Viewed

Loading...