|Encryption Type||AES, RSA 2048|
|Short Description||The ransomware encrypts files, making them inaccessible, and scrambles the file names, making the files hard to recover. The ability to restore the system and return to a previous state is also removed from the victim’s system.|
|Symptoms||Spam campaigns are spread over the internet using the regional brands that users deal with in their day-to-day life. The user is tricked into opening the mail and downloading the attachment, which contains the malicious file that executes the ransomware on the victim’s system.|
|Distribution Method||This ransomware uses various techniques for its distribution, such as spam campaigns, malvertising, and exploit kits.|
Unlike the previous version, this version provides unique wallet IDs for sending the ransom. It uses its own Tor gateway for anonymous ransom payment and provides instructions for further payment with bitcoins.
If the payment is not made within the given time, the original data is securely deleted and cannot be recovered unless you have backups or pay the ransom.
CryptoWall 2.0 encrypts files with most extensions; the following are a few of the widely known ones:
xls, wpd, wb2, txt, tex, swf, sql, rtf, RAW, ppt, png, pem, pdf, pdb, PAS, odt, obj, msg, mpg, mp3, lua, key, jpg, hpp, gif, eps, DTD, doc, der, crt, cpp, cer, bmp, bay, avi, ava, ass, asp, js, py, pl, db, c, h, ps, cs, m, rm
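
Because backups are the only recovery path named above other than paying, the following added example (not part of the original page) inventories how many files and bytes under a directory fall within the listed extensions, so backup coverage can be prioritised. The function names are hypothetical, matching is assumed to be case-insensitive, and the set covers only the partial list given here.

```python
import os
from collections import defaultdict

# Extensions copied from the list above; the page says these are only a few of them.
TARGETED = frozenset(
    "xls wpd wb2 txt tex swf sql rtf raw ppt png pem pdf pdb pas odt obj msg "
    "mpg mp3 lua key jpg hpp gif eps dtd doc der crt cpp cer bmp bay avi ava "
    "ass asp js py pl db c h ps cs m rm".split()
)

def extension_of(name):
    """Lower-cased final extension; '' for names without one ('Makefile', '.bashrc')."""
    stem, dot, ext = name.rpartition(".")
    return ext.lower() if dot and stem else ""

def inventory(root):
    """Walk root and return {ext: [file_count, total_bytes]} for listed extensions."""
    totals = defaultdict(lambda: [0, 0])
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            ext = extension_of(name)
            if ext not in TARGETED:
                continue
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                continue  # count the real file once, not every link to it
            try:
                size = os.stat(path).st_size
            except OSError:
                continue  # file vanished or is unreadable; skip it
            totals[ext][0] += 1
            totals[ext][1] += size
    return dict(totals)

def report(root):
    """One line per extension, largest total size first."""
    rows = sorted(inventory(root).items(), key=lambda kv: kv[1][1], reverse=True)
    return [f"{ext:<5}{count:>8} files {size:>14} bytes" for ext, (count, size) in rows]

if __name__ == "__main__":
    import sys
    print("\n".join(report(sys.argv[1] if len(sys.argv) > 1 else ".")))
```

Run it against a user profile or file share root and compare the largest rows with what the backup job actually covers.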