How to Remove the RunExeMemory Ransomware

vegalocker ransomware

The RunExeMemory Ransomware is a new piece of malware whose creators appear to be very serious about their plans and extortion techniques. The malware functions just like traditional ransomware, and it focuses on encrypting files that are likely to be valuable – documents, media, archives, databases, etc. the locked files have a random string of hexadecimal characters appended to their name (e.g. '1.jpg' renamed to '1.jpg.d81sHe.')

The ransom note dropped after the end of the attack is titled 'Read me, if you want to recover your files.txt.' This ransomware is unlikely to target regular computer users, judging by the contents of its ransom message. Instead, it appears to be designed to go after companies or large corporate networks, causing damage that could potentially cripple the affected business completely. The criminals claim that the full recovery of the network will cost 539 Bitcoin, which is approximately $34,000,000 – a ludicrous ransom fee that no company would agree to pay.

Many modern ransomware operators try to increase their odds of receiving a payment by also stealing some of the victim's data and then threatening to publish it online unless they receive a ransom payment. The criminals behind the RunExeMemory Ransomware, however, use a different approach. They warn their victim that they will become the target of relentless distributed-denial-of-service (DDoS) attacks, which will further cripple their network. It is not yet clear whether RunExeMemory Ransomware's threats are a bluff or not.

Unfortunately, free decryption tools for the RunExeMemory Ransomware are unavailable. However, paying the ransom fee is certainly out of the question. Co-operating with ransomware creators is unlikely to end well, and victims of the RunExeMemory Ransomware should look for alternative solutions.

April 13, 2021

Leave a Reply