Satan Ransomware

What is Satan Ransomware?

Malware analysts at Anti-spyware-101.com have recently acquired a sample file of ransomware called Satan Ransomware. This application is dangerous because it can encrypt your personal files and demand that you pay money for the decryption key. However, you should remove it instead because there is no way of knowing whether the cybercriminals behind it will keep their word and send you the key once you have paid. This particular ransomware falls into the Ransomware as a Service (RaaS) category because its developers sell the license to use it for cyber criminals and take a cut off their profits. The criminals can distribute this it as they please, so your PC can become infected with it when you least expect it.testtest

What does Satan Ransomware do?

Our cybersecurity experts first discovered this ransomware in January of 2017. The sample they tested had the main executable named Satan.exe, but in some instances, it can be called Satan Ransomware.exe. In fact, since it is given to other criminals to use and modify, they can name the executable however they want to. Nevertheless, a powerful anti-malware application can detect and delete it instantly, regardless of how it is named.

However, if you do not have an anti-malware program to protect your PC and if it becomes infected with this ransomware, then it will spring into action immediately and start encrypting your files. Researchers have concluded that it uses the AES-256 and RSA-2048 encryption algorithms that are very strong and extremely difficult to decrypt. Note that, at the time of this article, there was no free decryption tool.

According to our malware analysts, Satan Ransomware can encrypt many file formats that include but are not limited to .3ds, .odg, .cer, .tif, .cs, .xlw, .mfw, .nsf, .csl, .php5, .mp4, .pab, .st6, .sas7bdat, .wmv, and dozens of others. While encrypting them, it changes their names and appends them with the “.stn” file extension. Once the encryption is complete, you cannot open the encrypted files.

Satan Ransomware will drop an HTML file named HELP_DECRYPT_FILES.html. This file is a ransom note that provides you with information on how to pay the ransom. Researchers say that there have been cases when this ransomware asked its victims to pay from a measly 0.1 BTC (92.41 USD) to a whopping 1.63 BTC (1,500 USD). However, there is no telling whether the cyber criminals that control it will give you the decryption key, so we suggest that you do not comply with the demands and get rid of it instead.

Where does Satan Ransomware come from?

Satan Ransomware was developed by an unknown entity that distributes it on an underground TOR network. Researchers have discovered that the developers have set up a website where their “clients” can register and account, purchase the license to use this ransomware and customize it according to their needs. The developers get a cut from each ransom payment, so their clients have an interest in making as much money as possible that they can keep for themselves. The people that have permission to distribute this ransomware have the freedom to do it any way they want to, so Satan Ransomware can be disseminated via email spam, exploit kits or malicious software bundles.

How do I remove Satan Ransomware?

Without a doubt, Satan Ransomware is a malicious piece of programming that you have to take action against as soon as possible. It can encrypt your personal files and demand outrageous sums of money for the decryption key. Because criminals can demand that you pay much money and there is no guarantee that you will get the key, we recommend that you remove it. Our malware analysts recommend using SpyHunter’s free scanner to detect the malicious program so that you could delete it manually. Please check the instructions supplied below.

Removal Instructions

  1. Open your browser.
  2. Go to http://www.anti-spyware-101.com/download-sph
  3. Download SpyHunter-Installer.exe
  4. Install the program and run it.
  5. Click Scan Computer Now!
  6. Windows+E and copy the file path of the executable from the scan results.
  7. Type the file path of the executable in File Explorer’s address box.
  8. Press Enter.
  9. Right-click the file and click Delete.
100% FREE spyware scan and
tested removal of Satan Ransomware*
Disclaimer
Disclaimer

Leave a Comment

Enter the numbers in the box to the right *