Ransomware - PizzaCrypts

PizzaCrypts
Decryptor Available: Yes
Description

PizzaCrypts is a direct variant of JuicyLemon and shares almost exactly the same behavior and characteristics as its predecessor. The primary differences are the names used for email communication and, as a result, the file extension it appends. Otherwise it drops a similar-looking ransom note, uses the same encryption algorithm (AES-256), and extorts victims in the same way, tracking each one with a unique 10-digit ID. Only with ransomware can you get pizza from lemons.

Ransomware Type: Crypto-Ransomware
First Seen:
Last Seen:
Lineage:
Extortion Types: Direct Extortion
Communication
  Medium: Bitmessage
  Identifier:
Encryption
  Type: Symmetric
  Files: AES-256
File Extension: <file name>.id-<10-digit victim ID>[email protected]
Ransom Note Name
  Pizzacrypts Info.txt
  317FKF8LCG90FUI.txt
Samples (SHA-256)
  d6818864dc9e10b15c88aca4d1e8fd971eff43572beba3001fd6c96028afd9f3
References & Publications
Malware Traffic Analysis: 2016-07-07 - PIZZACRYPTS... REALLY?