SevenDays Ransomware
Posted: August 7, 2017
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 10/10 |
---|---|
Infected PCs: | 38 |
First Seen: | August 2, 2017 |
---|---|
OS(es) Affected: | Windows |
The SevenDays Ransomware is a Trojan that uses encryption to block your files. Although most threat actors deploy similar Trojans for the sake of collecting ransoms, the SevenDays Ransomware includes no instructions on paying for recovery. Victims without backups to restore from may contact professional cyber security researchers for determining whether or not a free decryption is possible and always should uninstall the SevenDays Ransomware with help from a dedicated anti-malware product.
Tuning in for Movie References in Your Threatening Software
With the fast pace of the threatening software industry, Trojans older than a few months are a distinct minority, even though some of their code may be years in age. However, malware experts confirmed the distribution, if only in small quantities, of an extremely unusual case of old threats returning to plague the modern-day security landscape recently. The SevenDays Ransomware, supposedly first compiled in 2012, is a Trojan that also guarantees its memorability for more reasons than just age: it also blocks its victims' files without giving them any solutions to its attacks.
The SevenDays Ransomware uses encryption-based functions similar to those of Hidden Tear or the Globe Ransomware to encode your locally-saved files with an algorithm. DOC, PNG, and JPG are examples of some of the formats this threat targets while also adding its tag (the '.SEVENDAYS' extension) to their names. Accompanying Counterstrike-themed images in the SevenDays Ransomware's payload also imply that the Trojan is targeting Eastern European gamers.
The SevenDays Ransomware also creates a text file for providing decryption instructions, but the contents of this message include no ransom-paying or decryption-related information. Instead, it shows 'SEVENDAYS' repeated, most likely, as a reference to the same line of dialogue from the famous 'the Ring' (or 'Ringu') movie. Although the SevenDays Ransomware may be a 'joke,' the payload retains the possibility of damaging files and making them unable to open permanently.
Keeping the Number Seven from Being Deadly
Whether the date of compilation is legitimate or is a spoofed data to mislead any security researchers, the SevenDays Ransomware isn't an immediately apparent relative to families like EDA2 or the Jigsaw Ransomware. However, it also has limited features for concealing its payload, and malware researchers are noting good detection rates from many anti-malware products in the industry. Identifying and removing threats like before they can inflict any file damage may be the only means users without backups have to keep their data from being destroyed.
Low-key projects like the SevenDays Ransomware often circulate through fake software downloads, such as torrents that misrepresent their contents as being cheats or cracks for popular games. Because file-encrypting Trojans without public decryptors can lock any files perpetually, users who need to protect their media should back any documents, pictures, and similar data to a safe storage place. Malware experts recommend using detachable or password-protected storage solutions, and active anti-malware programs for removing the SevenDays Ransomware immediately.
The SevenDays Ransomware could be an in-development Trojan or one whose public release is unintentional. No matter what its birth story is, it holds a place alongside similar threats as software that gives anyone opening it new problems without any answers.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.