Yalohol Ransomware

ransomware

A new member of the Spora ransomware family joins the ranks of Spore variants. The new clone is called the Yalohol ransomware.

Yalohol behaves as all ransomware does - it will encrypt files on the infected system, leaving them unopenable and largely useless. Upon encryption, the ransomware adds a multi-string extension to the old file name. The added strings include the victim's ID, the contact email used by the ransomware operator and the ".0MFD" string. This means that a file formerly named "document.txt" will turn into "document.txt[ID=[alphanumeric string]-Mail=yalohol9@gmail.com].0MFD."

The affected file types are the usual - largely any file that is not essential to the functioning of the OS. This includes documents, media and archive files as well as databases.

The ransom demands are dropped inside two files - "ReadMe_Now!.hta" and "Read_Me!_.txt". The full contents of the plain text go as follows:

All Your Files Encrypted And Sensitive Data Downloaded (Financial Documents,Contracts,Invoices etc.. ).

To Get Decryption Tools You Should Buy Our Decrption Tools And Then We Will Send You Decryption Tools And Delete Your Sensitive Data From Our Servers.

If Payment Is Not Made We have to Publish Your Sensitive Data If Necessary Sell Them And Send Them To Your Competitors And After A While Our Servers Will Remove Your Decrypion Keys From Servers.

Your Files Encrypted With Strongest Encryption Algorithm So Without Our Decryption Tools Nobody Can't Help You So Do Not Waste Your Time In Vain!

Your ID:  -

Email Address: yalohol9@gmail.com

In Case Of Problem With First Email Write Us E-mail At : yalohol@cyberfear.com

Send Your ID In Email And Check Spam Folder.

This Is Just Business To Get Benefits, If Do Not Contact Us After 48 Hours Decryption Price Will x2.

What Guarantee Do We Give You ?

You Should Send Some Encrypted Files To Us For Decryption Test.

---------------------------------------------------

Attention!

Do Not Edit Or Rename Encrypted Files.

Do Not Try To Decrypt Files By Third-Party Or Data Recovery Softwares It May Damage Files.

In Case Of Trying To Decrypt Files With Third-Party Sofwares,This May Make The Decryption Harder So Prices Will Be Rise.

---------------------------------------------------

How To Buy Bitcoin :

Buy Bitcoin Instructions At LocalBitcoins :

hxxps://localbitcoins.com/guides/how-to-buy-bitcoins

Buy Bitcoin Instructions At Coindesk And Get More Info By Searching At Google :

hxxps://www.coindesk.com/learn/how-can-i-buy-bitcoin/

By Zaib
July 12, 2022
Ransomware
English
July 12, 2022
Ransomware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

5 years ago

What is the OperaGXSetup.exe File and is it Malicious?

11 months ago

Eporner.com And Why Its Excessive Pop-Ups Are Risky

11 days ago

HackTool:Win32/Crack: a Malicious Threat That Can Seriously...

7 months ago

Take Note: Someone Added You As Their Recovery Email Scam

10 months ago

A Potentially Serious Threat: Trojan:Win32/Suschil!rfn

18 days ago

Related Posts

Ransomware

Remove Decryption#1222 Ransomware

Decryption#1222 Ransomware is a dangerous threat whose creators is extorting the victims for money. Just like other ransomware applications, this one also works by encrypting the victim's files, therefore preventing... Read more

April 29, 2022
Ransomware

Snick Ransomware Encrypts Several Files

Snick Ransomware is a dangerous malware threat that comes from the Makop family of malware threats. The actions of Snick Ransomware start with seeking out certain files, encrypting them, and then appending the .snick... Read more

March 3, 2022
Ransomware

Elbie Ransomware

Cybercriminals are busy infiltrating vulnerable computers with malware threats that earn them money. Ransomware has been one of their primary weapons for extorting money from victimized computer users, and the Elbie... Read more

May 24, 2022
English
Loading...

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2025 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.