Exorcist
According to PCrisk, Exorcist is a ransomware-type malicious program. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, all compromised files are appended with an extension consisting of a ransom string of characters.For example, a file originally named "1.jpg" could appear as something similar to "1.jpg.rnyZoV" following encryption. After this process is complete, Exorcist ransomware changes the desktop wallpaper and drops HTML applications - "[random-string]-decrypt.hta" (e.g. "rnyZoV-decrypt.hta") - into affected folders. These files contain identical ransom messages.
Victims count: 0
Last discovered victim N/A
First discovered victims: N/A
Known Locations
| Favicon | Title | Type | Available | Last Visit | FQDN | |
|---|---|---|---|---|---|---|
|
None | No | 2025-01-28 10:00:21 | 7iulpt5i6whht6zo2r52f7vptxtjxs3vfcdxxazllikrtqpupn4epnqd.onion |
Ransom Notes
No ransom notes available.
Tools Used
No tools used available.
Vulnerabilities Exploited
No vulnerabilities exploited available.
TTPs Matrix
No TTPs available.
Negotiation Chats
No negotiation chats available.
YARA Rules
No YARA rules available.