NUEVO RANSOM ADAME, QUE PUEDE CIFRAR FICHEROS EXE y DLL, AÑADIENDO ADAME AL FINAL DEL TODO DE LA NUEVA EXTENSION

Tras quedar residente, cifra ficheros, incluyendo EXEs y DLLs (respetando %WinDir% y %Archivos de Programa%), añadiendoles la extension “.id[C8E1E393-2275].[checkcheck07@qq.com].Adame”

………….

MENSAJE DE DICHO RANSOMWARE ADAME:

All you files have been encrypted due to a security problem with your PC. If you want to restore them, there are two way of contact.

Mail contact – checkcheck07@qq.com
Jabber contact – recovermyfiles2019@thesecure.biz

– https://www.wikihow.com/Create-a-Jabber-Account
– https://psi-im.org/download/
– Once you created a jabber account. Make sure you add the contact first and wait for our approval to begin sending message.
– Directly messaging us with out accepting your request will result to Forbidden message

Free decryption as guarantee

Before paying you can send us up to 5 files for free decryption. The total size of file must be less tthan 4mb(non achieved), and files should not contact valuable information. (databases, backups, large excel sheets, etc.)

Where to buy bitcoins?

* The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click
‘Buy bitcoins’, and select the seller by payment method and price:
https://localbitcoins.com/buy_bitcoins
* Also you can find other places to buy Bitcoins and beginners guide here:
http://www.coindesk.com/information/how-can-i-buy-bitcoins

Attention!
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* Decryption of your files with the help of third parties may cause increased price
(they add their fee to our) or you can become a victim of a scam.

………..

total sobre la muestra recibida, ofrece el siguiente informe>

A partir del ELISTARA 42.82 pasamos a controlar esta nueva variante

saludos

ms, 29-1-2020