暂无数据

.Makop勒索病毒

 

病毒家族
病毒别名 makop
影响系统 Windows
出现时间 2019年

01

.makop勒索病毒中毒后表现

 

 

所有文件被加上原文件名.[8位字符].[邮件地址].makop后缀(扩展名);

数据和文件被加密,恢复扩展名仍然无法使用;

Windows系统核心文件未加密,Windows系统可以运行;

系统安全服务、SQL服务、虚拟机、杀毒软件等被关闭禁用;

Windows系统备份被删除;

病毒文件自销毁;

Windows日志被删除;

文件夹下生成readme-warning.txt

02

.makop勒索病毒生成文件信息

 

::: Greetings :::


Little FAQ:
.1. 
Q: Whats Happen?
A: Your files have been encrypted and now have the "makop" extension. The file structure was not damaged, we did everything possible so that this could not happen.

.2. 
Q: How to recover files?
A: If you wish to decrypt your files you will need to pay in bitcoins.

.3. 
Q: What about guarantees?
A: Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will cooperate with us. Its not in our interests.
To check the ability of returning files, you can send to us any 2 files with SIMPLE extensions(jpg,xls,doc, etc... not databases!) and low sizes(max 1 mb), we will decrypt them and send back to you. That is our guarantee.

.4.
Q: How to contact with you?
A: You can write us to our mailbox: paybackformistake@qq.com

.5.
Q: How will the decryption process proceed after payment?
A: After payment we will send to you our scanner-decoder program and detailed instructions for use. With this program you will be able to decrypt all your encrypted files.

.6.
Q: If I don抰 want to pay bad people like you?
A: If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause only we have the private key. In practice - time is much more valuable than money.

:::BEWARE:::
DON'T try to change encrypted files by yourself! 
If you will try to use any third party software for restoring your data or antivirus solutions - please make a backup for all encrypted files!
Any changes in encrypted files may entail damage of the private key and, as result, the loss all data.

03

.makop扩展名勒索病毒留下的邮件统计

 

 

datalost@foxmail.com, crypt@qbmail.biz, akzhq00705@protonmail.com, payforkey@cock.li, mak_supp@aol.com, compromised@airmail.cc, mak_supp@hotmail.com, makopsupp@tutanota.com, votrefile@tuta.io, davidrecovery@protonmail.com, getdataback@qbmail.biz, luntik2316@protonmail.com, akzhq615@protonmail.com, akzhq530@protonmail.com, mrdjohni@tutanota.com, akzhq412@aol.com, savedata2@protonmail.com, ruthlessencry@qq.com, irisaneby@aol.com, makop@tuta.io, tomasrich2020@aol.com, genfiles@protonmail.com, backup_499@protonmail.com, killyouass@protonmail.com, buydecryptor@aol.com, restoring.data@protonmail.com, farik1@protonmail.com, antiransomware@aol.com, admcphel@protonmail.ch, akzhq12@cock.li, data.compromised@protonmail.com, giantt1@protonmail.com, viginare@aol.com, verilerimialmakistiyorum@inbox.ru, moncler@cock.li, ww6666@protonmail.com, xaodecrypt@protonmail.com, cock89558@cock.li, prndssdnrp@mail.fr, MikeyMaus77@protomail.com, modeturbo@aol.com, buydecryptor@cock.li, checkfilelock@protonmail.ch, akzhq710@protonmail.com, payfordecoder@hotmail.com, paymantsystem@cock.li, akzhq725@tutanota.com, myfiles@msgsafe.io, akzhq808@tutanota.com, ranbarron88@qq.com, encryptboys@tutanota.com, greenreed007@qq.com, crypt@zimbabwe.su, helpdesk_makp@protonmail.ch, makop@airmail.cc, joshua_antony@aol.com, akzhq830@tutanota.com, makopfiles@aol.com, myfilesdecrypt@cock.li, steaknshake@gmx.us, makop@keemail.me, makop.support@secmail.pro, cloudfiles@msgsafe.io, cloudfiles@airmail.cc, akzhq915@tutanota.com, akzhq915@airmail.cc, akzhq915@protonmail.ch, dino@rape.lol, dino_rans@protonmail.ch, akzhq1010@tutanota.com, akzhq1010@cock.li, poyasecurity@protonmail.com, poyasecur@gmail.com, manage.file@messagesafe.io, morrith_smith@tutanota.com, moloch_helpdesk@tutanota.com, moloch_helpdesk@protonmail.ch, lock59@airmail.cc, backup1950@msgsafe.io, loyaldecrypt@privatemail.com, btcsupport@bingzone.net, btcsupport@cock.li, grhoster-123@tutanota.com, dweezells@airmail.cc, mozgpitona@outlook.com, yamer2@protonmail.com, saveisos@aol.com, kobihornegushersamuels@protonmail.com, phillipdyercostarican@tutanota.com, makop@outlookpro.net, makop@rape.lol, sirketverileri@protonmail.com, xiaojunye@tutanota.com, 1527436515@qq.com, norahghnq@gmx.com, decryption@techmail.info, hopeandhonest@smime.ninja, playerplaya@protonmail.com, apollo55supp@protonmail.com, filerecov3ry@keemail.me, evilminded@privatemail.com, yourfriendz@keemail.me, honestandhope@qq.com, alexpetrov11094@gmail.com, darknet@techmail.info, ustedesfil@tuta.io, daviderichardo@tutanota.com, daviderichardo@messagesafe.io, goldenmark@yahooweb.co, apollo55@lenta.ru, undergrounda@lenta.ru, mariany@msgden.net, mymakopfile@tutanota.com, ustedesfil@safeswiss.com, yourfriendz@secmail.pro, mondezir@mailfence.com, goodhack@privatemail.com, ideapad@privatemail.com, esupport@privatemail.com, willettamoffat@yahoo.com, yourdataonline@aliyun.com, hello2021ola@protonmail.com, makopransom@outlook.com, decryption@msgden.com, paybackformistake@qq.com, jackydonovan@protonmail.com, shikotan@happygoluckyclub.com, yourfriendz@techmail.info, companyblast@msgsafe.io, colemandec@tutanota.com, @saveisos (Telegram)

04

.makop后缀病毒常见入侵方式

 

盗版软件、钓鱼邮件、网站木马

 

.makop后缀勒索病毒相关信息

—— 联系我们    Contact Us ——

24小时应急响应电话:15021662155 (微信同号)

 serve@grit.com.cn

样本提交 2012 - 2020 Copyright © 国瑞IT安全服务中心 沪ICP备09036178号 

添加微信好友,详细了解产品
使用企业微信
“扫一扫”加入群聊
复制成功
添加微信好友,详细了解产品
我知道了