Ransom.Snatch

ThreatDown is now the name of the Malwarebytes line of business products. References to Malwarebytes below reflect the amazing technology used to first identify the threat.

Short bio

Ransom.Snatch is Malwarebytes’ detection name for a family of ransomware written in Golang.

Type of infection

Ransom.Maze is ransomware. Ransomware in general makes files on the victim's system unusable until the ransom is paid. Ransom.Snatch not only encrypts a victim's files, but also threatens to publish them. The ransomware component is separate from the data stealer. Common attack methods are brute-force attacks against vulnerable, exposed services such as RDP and VNC.

Malicious behavior

Victims will find the ransom note, named HOW TO RESTORE YOUR FILES.TXT
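A triage sweep for the note name above, as an added example (not Malwarebytes' own code): it walks a directory tree, matches the file name case-insensitively, and uses the notes' modification times to bracket when the affected directories were touched. The function names, the sample tree and the assumption that a note's timestamp approximates when its directory was processed are this example's own.

```python
import os
from datetime import datetime, timezone

NOTE_NAME = "HOW TO RESTORE YOUR FILES.TXT"  # file name given on this page


def find_ransom_notes(root):
    """Return (path, mtime) for each file named NOTE_NAME under root, oldest first."""
    hits = []
    # onerror: skip unreadable directories instead of aborting the sweep
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            if name.casefold() == NOTE_NAME.casefold():
                path = os.path.join(dirpath, name)
                try:
                    hits.append((path, os.stat(path).st_mtime))
                except OSError:
                    continue  # file vanished or is locked; keep going
    return sorted(hits, key=lambda hit: hit[1])


def summarize(hits):
    """Bracket the activity window; assumes note mtime ~ when the directory was hit."""
    if not hits:
        return None
    return {
        "directories": len({os.path.dirname(path) for path, _ in hits}),
        "first_note_utc": datetime.fromtimestamp(hits[0][1], timezone.utc),
        "last_note_utc": datetime.fromtimestamp(hits[-1][1], timezone.utc),
    }


def build_sample_tree(root):
    """Constructed sample data: two directories with notes, one clean directory."""
    for sub, name, ts in (("finance", NOTE_NAME, 1_700_000_000),
                          ("hr", NOTE_NAME.lower(), 1_700_000_060)):
        os.makedirs(os.path.join(root, sub))
        note = os.path.join(root, sub, name)
        with open(note, "w") as fh:
            fh.write("constructed placeholder, not a real note\n")
        os.utime(note, (ts, ts))
    os.makedirs(os.path.join(root, "clean"))


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(summarize(find_ransom_notes(tmp)))
```

Run against a mounted image or a read-only share so the sweep itself does not alter timestamps on the evidence.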