What is Sodinokibi?
Discovered by S!Ri, Sodinokibi (also known as REvil or Sodin) is a ransomware-type program created by cyber criminals. They use it to encrypt files stored on victims' computers and prevent people from accessing those files until they have paid a ransom. Malware researchers call it Sodinokibi; its developers have not yet provided an official name. This ransomware places ransom messages in folders that contain encrypted files. The name of the text file depends on the extension added to the encrypted files. For example, if the extension is ".686l0tek69" (so that an encrypted file is renamed from, say, "1.jpg" to "1.jpg.686l0tek69"), the ransom message file will be named "686l0tek69-HOW-TO-DECRYPT.txt". Sodinokibi also changes the wallpaper.
| Name | Sodinokibi virus |
| Threat Type | Ransomware, Crypto Virus, Files locker. |
| Encrypted Files Extension | Random string. |
| Ransom Demanding Message | Text file, desktop wallpaper, website. |
| Ransom Amount | $2500/$5000 |
| Cyber Criminal Contact | Website chat. |
| Detection Names | Avast (Win32:Malware-gen), BitDefender (Trojan.GenericKD.31927370), ESET-NOD32 (a variant of Win32/GenKryptik.DGSJ), Kaspersky (Exploit.Win32.Nekto.lr), Full List Of Detections (VirusTotal) |
| Rogue Process Name | Showing Mcga Wmv Photo Ramsey Married |
| Symptoms | Cannot open files stored on your computer, previously functional files now have a different extension (for example, my.docx.locked). A ransom demand message is displayed on your desktop. Cyber criminals demand payment of a ransom (usually in Bitcoins) to unlock your files. |
| Distribution methods | Infected email attachments (macros), torrent websites, malicious ads. |
| Damage | All files are encrypted and cannot be opened without paying a ransom. Additional password-stealing trojans and malware infections can be installed together with a ransomware infection. |
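
The ransom note naming convention described above gives defenders a simple triage check: find "<extension>-HOW-TO-DECRYPT.txt" files and confirm that files with that appended extension sit in the same folder. The Python sketch below is an added example, not code from the original article or from any vendor tool; the function names, the constructed sample tree and the assumption that the random extension is alphanumeric are illustrative.

```python
import os
import re
import tempfile
from collections import defaultdict

# Note naming from the article: "<extension>-HOW-TO-DECRYPT.txt".
# Assumption: the random extension is alphanumeric, as in the article's
# sample "686l0tek69".
NOTE_RE = re.compile(r"^([0-9a-z]+)-HOW-TO-DECRYPT\.txt$", re.IGNORECASE)

def scan(root):
    """Return {extension: {"notes": [...], "encrypted": [...]}} under root."""
    hits = defaultdict(lambda: {"notes": [], "encrypted": []})
    for dirpath, _dirs, files in os.walk(root):
        notes = {}
        for name in files:
            m = NOTE_RE.match(name)
            if m:
                notes[m.group(1).lower()] = name
        for ext, note in notes.items():
            hits[ext]["notes"].append(os.path.join(dirpath, note))
            suffix = "." + ext
            # Files in the same folder renamed "<original>.<extension>".
            for name in sorted(files):
                if name.lower().endswith(suffix) and len(name) > len(suffix):
                    hits[ext]["encrypted"].append(os.path.join(dirpath, name))
    return dict(hits)

def corroborated(hits):
    """Extensions whose note sits beside at least one renamed file."""
    return sorted(ext for ext, h in hits.items() if h["encrypted"])

def original_name(path, ext):
    """Strip the appended extension: "1.jpg.686l0tek69" -> "1.jpg"."""
    return os.path.basename(path)[: -(len(ext) + 1)]

def build_sample_tree():
    """Constructed sample tree of empty files for a dry run."""
    root = tempfile.mkdtemp(prefix="triage-sample-")
    layout = {
        "docs": ["1.jpg.686l0tek69", "report.docx.686l0tek69",
                 "686l0tek69-HOW-TO-DECRYPT.txt", "untouched.txt"],
        "misc": ["abc123-HOW-TO-DECRYPT.txt", "readme.md"],  # note only
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in names:
            open(os.path.join(root, folder, name), "w").close()
    return root
```

A note with no renamed files beside it (the "misc" folder in the sample) is reported but not corroborated, which keeps a stray text file from being counted as evidence of encryption.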
How to Remove Sodinokibi ransomware (Removal Tool)
Reviewed by Blogger on April 24, 2020


