AXLocker 勒索軟件保留文件名不變

AXLocker 是 2022 年 11 月中旬在野外發現的一種新的勒索軟件變種。該勒索軟件不屬於任何更大的變種家族。

AXLocker 加密受感染系統上的文件，加密其內容使其不可讀，然後在彈出窗口中顯示勒索贖金通知。

與幾乎所有其他勒索軟件不同，AXLocker 不會更改加密文件的原始文件名，這意味著在您嘗試打開文件之前無法直觀地判斷哪些文件已加密，哪些未加密。

加密將影響大多數廣泛使用的擴展名和文件類型，包括文檔、媒體文件、檔案和可執行文件。

加密成功後，贖金票據會顯示在彈出窗口中，並且不會在任何地方生成純文本文件。完整的贖金記錄如下：

WARNING!!

Private key will be deleted in:

(timer module)

Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer. Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key. The server will eliminate the key after a time period specified in this window.

Warning!!

1. Do not turn off the ransomware, if you do so the private key will be deleted.

2. Do not turn off the computer.

How can i decrypt my files?

Send email to: anoynmous.axo at proton dot me with your personal id

Once you will send the email you have to wait 48 Hours

After 48 Hours we will send you a decryption program with your decryption key

Your unique personal ID:

(long alphanumeric string)