AXLocker 勒索软件保留文件名不变

AXLocker 是 2022 年 11 月中旬在野外发现的一种新的勒索软件变种。该勒索软件不属于任何更大的变种家族。

AXLocker 加密受感染系统上的文件，加密其内容使其不可读，然后在弹出窗口中显示勒索赎金通知。

与几乎所有其他勒索软件不同，AXLocker 不会更改加密文件的原始文件名，这意味着在您尝试打开文件之前无法直观地判断哪些文件已加密，哪些未加密。

加密将影响大多数广泛使用的扩展名和文件类型，包括文档、媒体文件、档案和可执行文件。

加密成功后，赎金票据会显示在弹出窗口中，并且不会在任何地方生成纯文本文件。完整的赎金记录如下：

WARNING!!

Private key will be deleted in:

(timer module)

Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer. Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key. The server will eliminate the key after a time period specified in this window.

Warning!!

1. Do not turn off the ransomware, if you do so the private key will be deleted.

2. Do not turn off the computer.

How can i decrypt my files?

Send email to: anoynmous.axo at proton dot me with your personal id

Once you will send the email you have to wait 48 Hours

After 48 Hours we will send you a decryption program with your decryption key

Your unique personal ID:

(long alphanumeric string)