FANDOM


MMM is an encryption ransomware Trojan that runs on Microsoft Windows.

Payloads

MMM uses its strong encryption method to make the victim's files unusable, targeting user-generated files such as audio, video, photos, and Microsoft Office documents (among many other file types). MMM uses AES encryption to make the files unusable and then the RSA encryption to make the decryption key inaccessible. The files encrypted in MMM attack are easy to identify because MMM will change their file extensions. MMM will add the file extension '.0x009d8a' to all files targeted by the attack.

MMM Ransomware will demand a ransom. The MMM Ransomware does this by delivering a ransom note to the victim's computer. The ransom note is named 'RESTORE_0x009d8a_FILES.html' and is placed on the infected computer's desktop. The MMM Ransomware demands a ransom of 1.2 Bitcoin (approximately 5105 USD or 4347 EUR at the current exchange rate). According to the MMM Ransomware, the victim only has six days to pay the ransom if there is any chance of restoring the affected data. The following is the full text of the MMM Ransomware ransom note:

YOUR UNIQ IDENTIFICATOR: [10 RANDOM CHARCTERS]
What happend with my files?
All your databases corrupted. All your files has been locked ( encrypted) with Ransomware
For encrypting we using strong cryptographic algorithm AES256+RSA-2048 .Do not attempt to recover the 
files yourself.
You might corrupt your files. We also rewrite all old blocks on HDD and you don`t recover your files with 
Recuva and other...
YOU HAVE ONLY 6 DAYS FOR BUY YOUR DECRYPTION TOOL
It is not advised to use third party tools to decrypt,if we find them you ,you will forever lose your files.
How i can restore my files?
Go to BTC exchange services and buy 1,2 Bitcoin 3) Send it to address 
151F8ufANwCohXzteZ2mauvHLvkS8WmEFT and write us email to address unransom@mail.com for giving 
your key and decryption tool. In subject write your Unique ID
BTC Guide:
Top BTC exchange sites: LocalBitcoins (We recomend), Coinbase, BTC-E,
Online wallets: BlockchainInfo, Block.io

See also

Community content is available under CC-BY-SA unless otherwise noted.