Unrans Ransomware
Posted: January 16, 2018
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 8/10 |
---|---|
Infected PCs: | 60 |
First Seen: | June 7, 2023 |
---|---|
OS(es) Affected: | Windows |
The Unrans Ransomware is a file-encryption Trojan whose primary targets appear to be running servers. The interesting thing about this particular threat is that it appears to be based on a PowerShell script, and this is not something that common in the world of ransomware. The bad news is that the Unrans Ransomware being based on PowerShell does not mean that it is decryptable, and it seems that this threat's encryption cannot be deciphered currently.
When the Unrans Ransomware attacks a server, it will carry out a file-encryption task, which will ensure the full encryption of specific file formats – documents, media files, databases, spreadsheets, and common Web page formats are just some of the files that the Unrans Ransomware seeks to encrypt. When the attack is complete, the threat will create the file 'RansomText.txt,' which contains ransom instructions. The note leads users to a '.onion' website, which prompts them to enter the unique victim ID found in the aforementioned text file. The attackers also offer to decrypt one file for free to reassure their victims that they will have all of their data recovered if they pay the ransom sum. While it is recommended to take advantage of this offer, we would not advise you to send any money to the Unrans Ransomware's operators. The ransom sum they demand is 0.5 BTC (over $6,000), and sending such a ludicrous amount of money to anonymous cybercrooks can never be a good decision.
The attackers note that the decryption key needed to unlock the files will be deleted permanently, therefore making it impossible to decipher any of the files. While we can't neither confirm nor deny this, we assure you that you will be better off relying on 3rd-party file recovery tools that don't demand thousands of dollars to work. Keep in mind that before attempting to unlock any of the files, you must remove the files of the Unrans Ransomware by using a suitable PC security tool. In addition to this, it is also a good idea to create backup copies of the locked files since you will need them in case a free decryption application becomes available in the future.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.