TT Malware Log

マルウェア / サイバー攻撃 / 解析技術 に関する「個人」の調査・研究・参照ログ

Sage Ransomware

f:id:tanigawa:20180721103908j:plain
Screenshot of a message (desktop wallpaper) encouraging users to pay a ransom to decrypt their compromised data:
f:id:tanigawa:20180721104249j:plain
テキストファイル
f:id:tanigawa:20180721104317j:plain
HTMLファイル
出典: https://www.pcrisk.com/removal-guides/10732-sage-ransomware


【脅迫文】

■壁紙

ATTENTION!
Sage encrypted all your files!
All your files, images, videos, and databases were encrypted and made inaccessible by software known as Sage.
You have no chance to restore the files without our help. But if you follow our instructions files can be restored easily. Instructions on how to get your files back are stored on every disk, in your documents and on your desktop. Look for files !Recovery_47UdPQ.txt and !Recovery_47UdPQ.html If you can’t find files, use the program “Tor Browser” (you can find it in Google) to access to (onion) web site http://qbxeaekvg7o3lxnn.onion to get your instructions.

【公開情報】

◆Sage Ransomware (PCrisc, 2016/12/07)
https://www.pcrisk.com/removal-guides/10732-sage-ransomware


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020