Wana Decrypt0r Trojan-Syria Editi0n Ransomware

Wana Decrypt0r Trojan-Syria Editi0n Ransomware Description

The Trojan-Syria Editi0n Ransomware is designed to mimic the WannaCry Ransomware infection, a well-known ransomware Trojan that received substantial media attention in May of 2017. The Trojan-Syria Editi0n Ransomware claims to be a Syrian version of the WannaCry Ransomware, and it is designed to infect computers running the Windows operating system. The Trojan-Syria Editi0n Ransomware is not a WannaCry variant, and there is no relationship between the Trojan-Syria Editi0n Ransomware and that sophisticated ransomware Trojan. The Trojan-Syria Editi0n Ransomware is a variant of HiddenTear, an open source ransomware engine that has spawned countless ransomware variants since it was first made public in August of 2015. Although the Trojan-Syria Editi0n Ransomware is not designed as a variant of WannaCry, the Trojan-Syria Editi0n Ransomware is still capable of carrying out an effective ransomware attack that can compromise the computer users' files. Because of this, PC security analysts strongly advise taking precautions, especially by establishing backup systems and taking extra care when handling any spam email or email attachments or links.

How the Trojan-Syria Editi0n Ransomware Attacks a Computer

PC security analysts have detected various other ransomware Trojans trying to emulate WannaCry, which was responsible for thousands of attacks around the world and received lots of attention. There are two versions of the Trojan-Syria Editi0n Ransomware. The first one of these marks the files encrypted in the attack with the file extension '.wannacry' and seems to be an early release of the Trojan-Syria Editi0n Ransomware. The second version of the Trojan-Syria Editi0n Ransomware uses a longer extension to mark the files: '.Wana Decrypt0r Trojan-Syria Editi0n,' which is added to the end of every file name. The Trojan-Syria Editi0n Ransomware also will change the infected computer's desktop image into a pirate flag with the message 'THE INTERNET All the PIRACY, none of the SCURVY.'

Con Artists can Profit from an Attack by the Trojan-Syria Editi0n Ransomware

The Trojan-Syria Editi0n Ransomware in both versions demands the payment of $50 USD in BitCoins. Although this is not as large as the amount demanded by these threats, criminals will seldom keep their promise to provide the decryption key, instead demanding additional ransom payments or ignoring the victim altogether. Because of this, computer users should use backup copies to recover the affected files. The Trojan-Syria Editi0n Ransomware infection itself can be deleted with a reliable security program. Both versions of the Trojan-Syria Editi0n Ransomware use some variant of the following ransom note to demand payment:

'Ooops, Your Files Have Been Encrypted !!!
What Happened To My Computer?
your important files are encrypted.
many of your documents, photos, videos, and other files are no longer
accessible because they have been encrypted, maybe you are busy looking
way to recover your files, but do not waste your time, nobody can recover
your files without our decryption service.
Can I Recover My Files?
sure we guarantee that you can recover all your files safely and easily.
but you have not so enough time.
if you need to decrypt your files, yo need to pay.
you only have 3 days to submit the payment.
after that the price will be doubled or your files and computer will be destroyed
How Do I Pay?
payment is accepted in bitcoin only, for more information, click
check the current price of bitcoin and buy some bitcoin. for more information,
and send correct amount to the address below
after your payment, click to to decrypt your files.
Send $50 Worth In Bitcoin To This Address
[BTC] button [Copy]
button [Check Payment]'

In both cases, the Trojan-Syria Editi0n Ransomware seems to encrypt a few file types. However, these are still common file types, and their loss will mean significant problems for the affected computer user. The following file types are encrypted in the Trojan-Syria Editi0n Ransomware infections:

.asp, .aspx, .bmp, .csv, .doc, .docx, .exe, .flv, .gif, .html, .jpeg, .jpg, .mdb, .mp3, .mp4, .pdf, .php, .png, .ppt, .pptx, .psd, .rar, .rtf, .sln, .txt, .xls, .xlsx, .xml, .zip.

Infected with Wana Decrypt0r Trojan-Syria Editi0n Ransomware? Scan Your PC

Download SpyHunter's Spyware Scanner
to Detect Wana Decrypt0r Trojan-Syria Editi0n Ransomware
* SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

File System Details

Wana Decrypt0r Trojan-Syria Editi0n Ransomware creates the following file(s):
# File Name Size MD5 Detection Count
1 file.exe 933,888 ad6cd3a7bdba834edcf153fec13e908f 26

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 11 + 8 ?