Ransomware Wiki
Ransomware Wiki

Hermes Ransomware Ransomware Overview[]

The Hermes ransomware is a dangerous new virus that has just been reported by the security experts.

As it is a new threat the malware is currently still undergoing an initial security analysis. From the limited version we have available at this time we can conclude that the virus follows the typical behavior patterns of encrypting user data with a strong data and then extorting the victim for a ransomware payment.

The encryption engine targets the most popular file extensions and all of the files are renamed using the .HERMES extension.

Hermes Ransomware Ransomware Note[]

HERMES RANSOMWARE

All your important files are encrypted

Your files has been encrypted using RSA2048 algorithm with unique public-key stored on your PC.

There is only one way to get your files back: contact with us, pay, and get decryptor software.

You have “UNIQUE_ID_DO_NOT_REMOVE” file on your desktop also it duplicated in some folders, its your unique idkey, attach it to letter when contact with us. Also you can decrypt 3 files for test.

We accept Bitcoin, you can find exchangers on xxxxs://www.bitcoin.com/buy-bitcoin and others.

Contact information:

primary email: BM-2cXfK4B5W9nvci7dYxUhuHYZSmJZ9zibwH@bitmessage.ch

reserve email: x2486@india.com

Hermes Ransomware Ransomware Distribution[]

The Hermes ransomware is primarily distributed using the most popular infection methods – spam email messages that carry the virus payload as an direct attachments or links that are placed in the body. The computer criminals often bundle ransomware with infected software installers. Malicious ads and other types of redirects can also transmit the dangerous binaries. 

Hermes Ransomware Ransomware Removal[]

In-depth removal instructions and detailed technical information about the virus can be found on Best Security Search.