目前我们收集到了GlobeImposter 2.0一些特殊变种,例如后缀为*.{eamil}XX,或者为*.crypted_email等,他们有如下特征:
勒索通知文件:how_to_back_file.htm HOW_TO_RESTORE_FILES.html
邮件地址:
makbigfast@india.com
hardfoork@india.com
happydayz@india.com
happydaayz@aol.com
strongman@india.com
hiddentreasure@india.com
choclatestep@india.com
jeepdayz@aol.com
vape@india.com
vapeefiles@aol.com
fostcrypt@india.com
fostecrypt@aol.com
OMNOOMNOOM@india.com
omnoomnoomf@aol.com
trustcrypt@india.com
trustfiles@aol.com
pingy@india.com
plingyfiles@aol.com
legoo@india.com
legosfilos@aol.com
grafcrypt@india.com
graffiles@aol.com
georbushy@aol.com
plingyfiles@aol.com
fostecrypt@aol.com
fostcrypt@india.com
mixfight@india.com
mixifightfiles@aol.com
ronald_reagan@derpymail.org
colin_farel@aol.com
bentleysali@india.com
brabusDangers@india.com
unlistbusten@aol.com
illnestfirst@aol.com
makbigfast@india.com
fedovas@aol.com
uridzu@aaathats3as.com
minzeewerg@420blaze
damarles@airmail.cc
steffevendeng@post.com
yoshikada@cock.lu
zerwix@airmail.cc
secure@cock.li
padraic.wigmore@aol.com
cesna.thomas@aol.com
catherwood.judd@aol.com
GlobeImposter 2.0病毒的版本邮箱特征
下一篇: 南京西数科技有限公司 --数据恢复中心实验室建设概况