Threat Database Ransomware '.wcry File Extension' Ransomware

'.wcry File Extension' Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 7
First Seen: February 14, 2017
Last Seen: October 28, 2021
OS(es) Affected: Windows

The '.wcry File Extension' Ransomware is a ransomware Trojan that is used to force computer users to pay a large ransom by taking their files hostage. The '.wcry File Extension' Ransomware will target the victim's files, encrypting them to make them inaccessible. The '.wcry File Extension' Ransomware has the capacity to encrypt more than 160 different file types during its attack. After encrypting the victim's files, the '.wcry File Extension' Ransomware displays a ransom note demanding that the victim makes a payment to recover the affected files. The '.wcry File Extension' Ransomware is distributed through corrupted file attachments delivered through spam email campaigns. Being cautious when handling unsolicited email attachments is one of the best ways to prevent the '.wcry File Extension' Ransomware from entering a computer.

The Scary Ransom Note Presented by the '.wcry File Extension' Ransomwar

There are several ways in which the '.wcry File Extension' Ransomware could be distributed to potential victims of this attack. These may include corrupted spam email messages, file sharing websites distributing corrupted files corrupted scripts on compromised websites, or even con artists hacking into the victim's computer directly, (which is not uncommon in the case of high-profile targets such as Web servers or corporate networks). Once the '.wcry File Extension' Ransomware has been installed on the victim's computer, it will encrypt the victim's files, identifying each of the encrypted files with the extension '.wcry.' During the attack, the '.wcry File Extension' Ransomware will deliver a ransom note written in English that is designed to scare computer users into paying a ransom. The text of the '.wcry File Extension' Ransomware ransom note reads as follows:

'Your files have been safely encrypted!
Most of your files are encrypted with strong AES-128 ciphers.
To decrypt files you need to obtain the private keys, and it is the only possible way.
To obtain the keys you should pay them with bitcoin.
The cost will double by the specified time.
The cost will double
[date and time] What to do, How to do
1. Send 0.1 BTC to 1G7bggAjH8pJaUfUoC9kRAcSCoev6djwFZ
You will be able to download the private key within 12 hours.
2. How to DECRYPT your files
1) Click 'Start Decrypt'.
2) First, you should send a download request with your Bitcoin wallet address.
(Important: You must know your actual wallet address from where your payment be sent.)
3) Sleep.
4) After 5~6 hours you will have the key and can decrypt your files. Go!
5) That's all.
3. About BITCOIN
1) For more information about bitcoin, please visit https://en.wikipedia.org/wiki/Bitcoin
2) Here are our recommendations to purchase bitcoin:

Any attempt to corrupt or remove this software will result in immediate elimination of the private keys by the server.
Start Decrypt'

The '.wcry File Extension' Ransomware demands the payment of 0.1 Bitcoin in its attack, which is equivalent to about $100 USD. Avoid paying the '.wcry File Extension' Ransomware ransom. There is little chance that the people responsible for the '.wcry File Extension' Ransomware attack will keep their word and help victims recover. Furthermore, the payment will go towards creating additional ransomware and carrying out more attacks on potential victims. The '.wcry File Extension' Ransomware targets the following file extensions during its attack:

.key, .crt, .csr, .p12, .pem, .odt, .ott, .sxw, .stw, .uot, .3ds, .max, .3dm, .ods, .ots, .sxc, .stc, .dif, .slk, .wb2, .odp, .otp, .sxd, .std, .uop, .odg, .otg, .sxm, .mml, ., .lay, .lay6, .asc, .sqlite3, .sqlitedb, .sql, .mdb, .db, .dbf, .odb, .frm, .myd, .myi, .ibd, .mdf, .ldf, .sln, .suo, .cs, .c, .cpp, .pas, .h, .js, .vb, .pl, .dip, .dch, .sch, .brd, .jsp, .php, .asp, .rb, .java, .jar, .class, .sh, .mp3, .wav, .swf, .fla, .wmv, .mpg, .mpeg, .vob, .asf, .avi, .mov, .mp4, .3gp, .mkv, .3g2, .flv, .wma, .mid, .m3u, .m4u, .ai, .psd, .nef, .tiff, .tif, .cgm, .raw, .gif, .png, .bmp, .backup, .zip, .rar, .7z, .gz, .tgz, .tar, .bak, .tbk, .tarbz2, .PAQ, .ARC, .aes, .gpg, .vmx, .vmdk, .vdi, .602, .hwp, .edb, .potm, .potx, .ppam, .ppsx, .ppsm, .pps, .pot, .pptm, .xltm, .xltx, .xlc, .xlm, .xlt, .xlw, .xlsb, .xlsm, .dotx, .dotm, .dot, .docm, .docb, .jpg, .jpeg, .dwg, .pdf, .rtf, .csv, .txt, .wk1, .wks, .123, .vsdx, .vsd, .eml, .msg, .ost, .pst, .pptx, .ppt, .xlsx, .xls, .docx, .doc.

Trending

Most Viewed

Loading...