TotalSystemSecurity.com

Find the Best solution for PC threats

Tag: how to recover Mordor extension files

How to Remove Mordor Ransomware and restore .mordor extension files

Mordor RansomwareThreat In Detail

Mordor is a new crypto-malware Ransomware virus that encrypts the file, important documents, vidoes and images found on the target PC. It uses the combination of RSA-2048 key and AES CBC 256-bit encryption algorithm method to encrypt the files. After the encryption is been done, Mordor Ransomware appends “.mordor” as the extension to the encrypted files. As the pattern of Ransomware, this one also leaves a ransom note for its victims that contains the ransom note and instructions on how to pay the ransom. The ransom amount demanded by Mordor Ransomware is $100 which is approximately 0.07 Bitcoins.

Technical Details

Name Mordor Ransomware
Type Ransomware
Description Mordor Ransomware encrypts files, videos, images and texts stored on the target PC and demand a ransom amount from users to decode the files.
Occurrence spam mail attachments., exploit kits, malicious links and java script codes..
Possible Symptoms The ransom note can be seen on desktop and other file directories and files could not be accessible.
Detection Tool Download the Detection toolTo confirm attack of Mordor Ransomware virus on your computer.

Distribution Method

Mordor Ransomware is distributed via email spam attachments which might be in the form of a RAR, ZIP and un-archived DOCX-files that containing malicious macro. Many cyber-criminals uses spam techniques to trick users by heading the mail as any invoice or shipment. Other sources might include visiting infected websites containing java script codes, exploit kits and spam bots. As you open the document or click the link, the payloads of Mordor Ransomware gets downloaded on the system and installed without any user’s permission.

More about Mordor Ransomware

Mordor Ransomware may attack any sort of window’s OS like Vista, Windows 7, Win 8 and Win 10. Once installed, this Ransomware uses strong encryption algorithm combination  of RSA-2048 key and AES CBC 256-bit. This means files are locked with public and private key. Thus users are left with no option except to pay the ransom and get their fiels back.

Mordor Ransomware may drop malicious payloads and entries in the windows’s registry to auto-launch its program.

It searches for various important files like Documents, PDF, photos, music, videos, databases, etc to encrypt them. After encrypting the files, the ransomware changes the desktop wallpaper to ransom note:

 

Along with that, Mordor Ransomware also leaves a ransom note detailed with how to contact them and decrypt files.

The ransom Note says:

How to remove Mordor ransowmare

 

 

List of file extension encrypted

→ .sql, .mp4, .7z, .rar, .m4a, .wma, .avi, .wmv, .csv, .d3dbsp, .zip, .sie, .sum, .ibank, .t13, .t12, .qdf, .gdb, .tax, .pkpass, .bc6, .bc7, .bkp, .qic, .bkf, .sidn, .sidd, .mddata, .itl, .itdb, .icxs, .hvpl, .hplg, .hkdb, .mdbackup, .syncdb, .gho, .cas, .svg, .map, .wmo, .itm, .sb, .fos, .mov, .vdf, .ztmp, .sis, .sid, .ncf, .menu, .layout, .dmp, .blob, .esm, .vcf, .vtf, .dazip, .fpk, .mlx, .kf, .iwd, .vpk, .tor, .psk, .rim, .w3x, .fsh, .ntl, .arch00, .lvl, .snx, .cfr, .ff, .vpp_pc, .lrf, .m2, .mcmeta, .vfs0, .mpqge, .kdb, .db0, .dba, .rofl, .hkx, .bar, .upk, .das, .iwi, .litemod, .asset, .forge, .ltx, .bsa, .apk, .re4, .sav, .lbf, .slm, .bik, .epk, .rgss3a, .pak, .big, wallet, .wotreplay, .xxx, .desc, .py, .m3u, .flv, .js, .css, .rb, .png, .jpeg, .txt, .p7c, .p7b, .p12, .pfx, .pem, .crt, .cer, .der, .x3f, .srw, .pef, .ptx, .r3d, .rw2, .rwl, .raw, .raf, .orf, .nrw, .mrwref, .mef, .erf, .kdc, .dcr, .cr2, .crw, .bay, .sr2, .srf, .arw, .3fr, .dng, .jpe, .jpg, .cdr, .indd, .ai, .eps, .pdf, .pdd, .psd, .dbf, .mdf, .wb2, .rtf, .wpd, .dxg, .xf, .dwg, .pst, .accdb, .mdb, .pptm, .pptx, .ppt, .xlk, .xlsb, .xlsm, .xlsx, .xls, .wps, .docm, .docx, .doc, .odb, .odc, .odm, .odp, .ods, .odt

If you are among the one being a victim of “Mordor Ransomware”, then we would strongly suggest you not to pay any ransom to illegitimate persons behind it. Because even after paying they are not going to give your files back. So it is urged that you must opt for removal solutions for Mordor Ransomware and try to recover files by automatic data recovery tool or any backup copy if you have.

(more…)

Welcome To TotalSystemSecurity.com, we will provide users with latest news and information about computer threats like Adware, Spyware, Trojan, Browser Hijacker and Ransomeware. Here at TotalSystemSecurity.com, you will get all minute information about latest threats and manual removal instructions. We Hope our guides and articles help you troubleshoot your PC issues.

TotalSystemSecurity © 2015-2017