Ransomware Report
You can check the latest ransomware information.
- title
- BTC ransomware
- Registration date
- 2023-07-11
- views
- 7684
[ BTC ransomware ]
[Virus/Malware Activity Report: BTC Ransomware]
Due to a breach believed to be in the form of BTC ransomware,
we would like to confirm the situation and provide a warning as follows.
BTC ransomware
The ransomware is called BTC and appears to be changing all files with file name.extension.EMAIL=[antitrees2000@keemail.me]ID=[unique ID].BTC.
How it works
file version
[Figure 1 Ransomware compiler information]
[Figure 2 File information in window properties]
Ransomware operation characteristics
Re-execute after changing execution location
Copy the ransomware itself into the Temp folder from the initial launch location and re-run it.
[Figure 3 Re-execution within Temp folder during dynamic execution]
[Figure 4 Ransomware file created in Temp folder]
Infection results
The information file is created as <#FILE ENCRYPTED.txt> in each path, and when encryption is performed, change the files to <file name.extension.EMAIL=[antitrees2000@keemail.me]ID=[unique ID].BTC> and complete. When done, change the wallpaper.
[Figure 5 Infection results]
White Defender compatible
It supports real-time automatic restoration of files that will be encrypted before the malicious actions and blocking of White Defender ransomware.
[Figure 6 Block message]
- Previous post
- Vypt ransomware
- next post
- Osiris ransomware
