Ransomware Wiki
Ransomware Wiki

Evil Ransomware Overview[]

The Evil ransomware is a Javascript-based malware threat that follows the usual ransomware behavior tactics. It encrypts target user data and appends the .file0locked extension to the compromised files.The virus employs the AES cipher and its engine is written in the Javascript programming language.

Evil Ransomware Affected File Types[]

.3fr, .accdb, .ai, .arw, .bay, .cdr, .cer, .certs, .cr2, .crt, .crw, .dbf, .dcr, 

.der, .dng, .doc, .dwg, .dxf, .dxg, .eps, .erf, .img, .indd, .jpg, .kdc, .mdb, .mdf, .mef, .mrw, .nef, .nrw, .odb, .odc, .odm, .odp, .ods, .odt, .orf, .p12, .p7b, .p7c, 

.pdd, .pef, .pem, .pfx, .ppt, .psd, .pst, .ptx, .pub, .r3d, .raf, .raw, .rtf, .rw2,

 .rwl, .sr2, .srf, .srw, .wb2, .wpd, .wps, .x3f, .xlk, .xls

Evil Ransomware Note[]

Hello. Your UID: 14D3AB08 Its evil ransomware.
As you can see some of your files have been encrypted!
Encryption was made using a unique strongest AES key.
If you want restore your files you need to BUY (sorry, nothing personal, its just business) the private key,
send me your UID to r6789986@mail.kz List of encrypted files

Evil Ransomware Distribution[]

The identified Evil ransomware samples were distributed by a malicious dropper. The usual way of delivering them to the computer targets is via spam email campaigns that may use various social engineering tricks.

Evil Ransomware Removal[]

In-depth removal instructions and detailed technical information about the virus can be found on Best Security Search.