UNNAM3D Ransomware Locks Protected Files, Gift Cards Requesting

A new ransomware is being distributed by email called Unnam3d R@nsomware to move the victim's files in a RAR password - protected archive. The ransomware requires a gift card code of $ 50 from the Amazon so you can get the password archive.
After a victim had submitted the ransomware to our site and asked for help, Bleepingcomputer was warned. While you said you received ransomware through email, you did n't provide a sample of the email you received.

When executed, the ransomware is extracted from bundled WinRar.exe to the Temp% folder and executed the Temp% command \WinRar.exe -m -r -p[password ] [ directory ] for moving files to a password protected file in the specified directory.

During this process, the ransomware moves files into their own individual RAR archives under the Documents, Pictures and Desktop folders. After completion of the ransomware, the Rasom Note screen appears as shown below.
Rasom Note

How This Ransomware To spread ?

As mentioned above, UNNAM3D ransomware can be distributed with malicious attachments via e-mail spam. The email is disguised as an Adobe email that says that the Adobe Flash Player of the recipient is obsolete and must be updated. These messages contain a link to the fake UNNAM3D ransomware update for Adobe Flash Player.
Spam Email
IOCs :
a98b678578e4d937de8a1f1557286da6df74abac0b49081829a81c886c3a92a3
Analyses Report by VirusTotal.

More Info Going to Bleeping Computer

Related Articles:

How to prevent ransomware ?



2 comments:

Anonymous said...

Nice Article.....

Anonymous said...

Info....helpful