1 of 2
Danger level 7
Type: Trojans
Common infection symptoms:
  • Normal system programs crash immediatelly
  • Connects to the internet without permission
  • Installs itself without permissions
  • Can't be uninstalled via Control Panel

EnyBeny Ransomware

EnyBeny Ransomware, also known as EnybenyNuclear Ransomware, is a malicious threat that appears to be the new variant of the infamous EnybenyCrypt Ransomware. The sample tested by our research team had very clear similarities to the threat, and, of course, the malware code was the same as well. That being said, the new variant seems to be unfinished, and so it is possible that we will have to update this article in the future. In the time being, the infection does not seem to encrypt files, which is how it is supposed to work. Instead, it drops ransom note files and changes the Desktop wallpaper to deliver a message from the creators of the infection. This could intimidate some victims, but those who are more vigilant should notice that their files are not encrypted. In any case, whether or not your files are encrypted, you must remove EnyBeny Ransomware from your operating system, and there are a few options you should look into when deciding the best way to delete this malware.

Just like most infections of this kind, EnyBeny Ransomware is likely to spread using spam emails or by exploiting RDP vulnerabilities. Once in, the infection should encrypt files, and it should encrypt personal files. According to our research, the threat should even add the “.PERSONAL_ID:.Nuclear” extension to the photos, documents, and similar files that it should encrypt. Our team also indicates that the threat might be capable of automatically removing corrupted files after a certain period, which is why it is crucial to delete EnyBeny Ransomware even if it has not encrypted personal files at all. Whether the threat works or not, it is supposed to drop copies of a file named “Hack.png” all over the computer. This image file should replace the regular Desktop wallpaper image, and it should inform that all files were encrypted by “EnyBeny Nuclear.” The message also informs that files should be deleted after 8 hours. This is not the only message that the attackers have. A file named “Hack.txt” is also created, and copies of this file are also dropped everywhere.

According to the text file, EnyBeny Ransomware has encrypted your personal files to protect them, which, of course, is total nonsense. The message also informs that you need to purchase a decryptor for 0.00000001 BTC to get the files decrypted, but the demand is followed by this message: “No decryption, lol! Emails not registred!” Two email addresses (brianmaps@gmail.com and amigo_a@india.com) are included in the message, and it appears that the attackers want you to use them to contact them. Doing so would be extremely risky, and so we do not recommend it. Paying the ransom is not something that you should do either, even if your files were encrypted. Judging by the size, the ransom we mentioned already (0.00000001 BTC) appears to be bogus, but if the infection was upgraded, the ransom is likely to be raised significantly. Paying it is most likely to be a waste of money, which is why we do not recommend it. If EnyBeny Ransomware invaded your system, you want to focus on getting rid of it.

The manual removal of EnyBeny Ransomware is both simple and complicated. It is simple because there is only one file that must be deleted. It is complicated because this file should have a unique name and it could be located in a random location on your computer, which means that we cannot point you to it. Obviously, if you know where the file is, you should have no trouble finding and erasing it. On the other hand, if you cannot delete EnyBeny Ransomware launcher yourself, you might have to install anti-malware software that will detect and erase this threat automatically. This isn’t such a terrible option because reliable anti-malware software can eliminate all threats and, simultaneously, guarantee full-time protection against malicious invaders in the future. Of course, you have to choose which removal method suits you best, but if you want our advice, we recommend using anti-malware software. If you need our advice on anything else, or you have questions about ransomware, post a comment below.

EnyBeny Ransomware Removal

  1. Delete all recently downloaded suspicious files.
  2. Delete the ransom note file named Hack.txt (all copies must be erased too).
  3. Delete the image file named Hack.png (all copies must be erased too).
  4. Empty Recycle Bin.
  5. Install a malware scanner and use it to perform a full system scan.
Download Spyware Removal Tool to Remove* EnyBeny Ransomware
  • Quick & tested solution for EnyBeny Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.