
How to Remove Sodinokibi ransomware (Removal Tool)



What is Sodinokibi?
Discovered by S!Ri, Sodinokibi (also known as REvil or Sodin) is a ransomware-type program created by cyber criminals. They use it to encrypt files stored on victims' computers and prevent people from accessing those files until they have paid a ransom. Malware researchers call it Sodinokibi; its developers have not yet provided an official name. This ransomware places ransom messages in folders that contain encrypted files. The name of the text file depends on the extension added to the encrypted files. For example, if the extension is ".686l0tek69" (so that an encrypted file is renamed from, for example, "1.jpg" to "1.jpg.686l0tek69"), the ransom message file will be named "686l0tek69-HOW-TO-DECRYPT.txt". Sodinokibi also changes the desktop wallpaper.
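
The naming pattern described above lends itself to a simple triage check: a folder that holds both a "<extension>-HOW-TO-DECRYPT.txt" note and files carrying that same extension. The following Python example is added here and is not part of the original article; it assumes the random extension is alphanumeric (as in the "686l0tek69" example), and the function names and sample folder tree are constructed for illustration.

```python
import os
import re
import tempfile

# Note name pattern taken from the article: "<extension>-HOW-TO-DECRYPT.txt".
# Assumption: the random extension is alphanumeric, like "686l0tek69".
NOTE_RE = re.compile(r"^([A-Za-z0-9]+)-HOW-TO-DECRYPT\.txt$")


def find_encrypted_folders(root):
    """Return {folder: (extension, [renamed files])} for each folder under
    root that holds a ransom note plus files carrying the matching extension."""
    hits = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            match = NOTE_RE.match(name)
            if not match:
                continue
            ext = match.group(1)
            suffix = "." + ext.lower()
            renamed = sorted(f for f in files if f.lower().endswith(suffix))
            # A note without matching files is weaker evidence; report only
            # folders where both halves of the pattern are present.
            if renamed:
                hits[folder] = (ext, renamed)
    return hits


def build_sample_tree():
    """Constructed sample: one affected folder, one clean folder."""
    root = tempfile.mkdtemp(prefix="sample_tree_")
    affected = os.path.join(root, "pictures")
    clean = os.path.join(root, "docs")
    os.makedirs(affected)
    os.makedirs(clean)
    for name in ("1.jpg.686l0tek69", "2.png.686l0tek69",
                 "686l0tek69-HOW-TO-DECRYPT.txt"):
        open(os.path.join(affected, name), "w").close()
    for name in ("report.docx", "HOW-TO-DECRYPT.txt"):
        open(os.path.join(clean, name), "w").close()
    return root


if __name__ == "__main__":
    for folder, (ext, files) in find_encrypted_folders(build_sample_tree()).items():
        print(f"{folder}: extension .{ext}, {len(files)} renamed file(s)")
```

Pairing the note with the matching extension in the same folder keeps a stray file that merely resembles the note name from being reported on its own.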

Threat Summary:
Name: Sodinokibi virus
Threat Type: Ransomware, Crypto Virus, Files locker.
Encrypted Files Extension: Random string.
Ransom Demanding Message: Text file, desktop wallpaper, website.
Ransom Amount: $2500/$5000
Cyber Criminal Contact: Website chat.
Detection Names: Avast (Win32:Malware-gen), BitDefender (Trojan.GenericKD.31927370), ESET-NOD32 (a variant of Win32/GenKryptik.DGSJ), Kaspersky (Exploit.Win32.Nekto.lr), Full List Of Detections (VirusTotal)
Rogue Process Name: Showing Mcga Wmv Photo Ramsey Married
Symptoms: Cannot open files stored on your computer, previously functional files now have a different extension (for example, my.docx.locked). A ransom demand message is displayed on your desktop. Cyber criminals demand payment of a ransom (usually in Bitcoins) to unlock your files.
Distribution methods: Infected email attachments (macros), torrent websites, malicious ads.
Damage: All files are encrypted and cannot be opened without paying a ransom. Additional password-stealing trojans and malware infections can be installed together with a ransomware infection.

Reviewed by Blogger on April 24, 2020. Rating: 5