SYMBOLCOMMON_NAMEaka. SYNONYMS
win.bitpylock (Back to overview)

BitPyLock

Bitpylock is a ransomware that encrypts files by using asymmetric keys and puts '.bitpy' as suffix once the encryption phase ended. The ransom note appears on the affected user's Desktop with the following name: "# # HELP_TO_DECRYPT_YOUR_FILES # .html". At the time of writing the ransom request is 0.8 BTC and the communication email is: helpbitpy@cock.li.

References
2020-01-21Bleeping ComputerLawrence Abrams
@online{abrams:20200121:bitpylock:ded9871, author = {Lawrence Abrams}, title = {{BitPyLock Ransomware Now Threatens to Publish Stolen Data}}, date = {2020-01-21}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/}, language = {English}, urldate = {2020-01-22} } BitPyLock Ransomware Now Threatens to Publish Stolen Data
BitPyLock
2020-01-14YoroiYoroi
@online{yoroi:20200114:analysis:d5eb291, author = {Yoroi}, title = {{Analysis Run}}, date = {2020-01-14}, organization = {Yoroi}, url = {https://yomi.yoroi.company/report/5e1d77b371ef016089703d1a/5e1d79d7d1cc4993da62f24f/overview}, language = {English}, urldate = {2020-01-14} } Analysis Run
BitPyLock
2020-01-09Twitter (@malwrhunterteam)malwrhunterteam
@online{malwrhunterteam:20200109:bitpylock:17860f7, author = {malwrhunterteam}, title = {{Tweet on BitPyLock}}, date = {2020-01-09}, organization = {Twitter (@malwrhunterteam)}, url = {https://twitter.com/malwrhunterteam/status/1215252402988822529}, language = {English}, urldate = {2020-01-13} } Tweet on BitPyLock
BitPyLock

There is no Yara-Signature yet.