.1500dollars Files Virus (Phobos Ransomware) — How to Remove It

.1500dollars Files Virus (Phobos Ransomware) — How to Remove It

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

.1500dollars Files Virus virus remove

What is .1500dollars files virus .1500dollars files virus is also known as .1500dollars ransomware and encrypts users’ files while asking for a ransom.

The .1500dollars files virus is a new release of the Phobos ransomware family aiming to infect as many computer users as possible. It is being developed by an unknown hacking collective and once it is installed on a given computer it will lead to numerous dangerous system changes. After all included modules have finished running the encryption phase will be run. Finally the .1500dollars extension will be applied to all affected files.

Threat Summary

Name.1500dollars files virus
TypeRansomware, Cryptovirus
Short DescriptionThe ransomware encrypts files on your computer machine and demands a ransom to be paid to allegedly restore them.
SymptomsThe ransomware will blackmail the victims to pay them a decryption fee. Sensitive user data may be encrypted by the ransomware code.
Distribution MethodSpam Emails, Email Attachments
Detection Tool See If Your System Has Been Affected by .1500dollars files virus


Malware Removal Tool

User ExperienceJoin Our Forum to Discuss .1500dollars files virus.
Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

.1500dollars Files Virus – Detailed Description

.1500dollars Files Virus is the most recent version of the Phobos ransomware family which is being spread by an unknown hacking collective. We anticipate that the most popular hacking tactics are to be used. A popular method relies on the creation of numerous hacker-made sites and email phishing messages. They are designed to look like the authentic ones that are being sent in by well-known services.

The viruses can be carried by file carriers of which there are two main types. The first one is the creation of macro-infected documents — text files, spreadsheets, databases and presentations. When they are opened by the victims will be spawned asking them to enable the built-in content, this will lead to the .1500dollars files virus infection. The other type is the inserting the necessary virus code into application installers of popular software. They are also spread via file-sharing networks.

As soon as the intrusion is made the .1500dollars files virus will start with its malicious actions. As an representative of the Phobos ransomware family it will likely feature the typical malicious actions that are typical of previous versions:

  • Persistent Installation — The .1500 files virus can be installed in a way which will execute the threat as soon as the computer is started. In certain cases this can also block access to the recovery boot options.
  • Information Retrieval — The .1500dollars files virus can acquire sensitive information which can expose the identity of the victims as well as a profile of the installed hardware components and system settings.
  • Security Applications Bypass and Removal — Using the collected information the criminals will be able to identify if there are any running security programs and bypass them. This is done by the .1500dollars files virus engine and acts against common signatures: anti-virus programs, sandbox environments, virtual machine hosts, firewalls and intrusion detection systems.
  • Data Removal — Some of the prior Phobos ransomware samples have been found to remove shadow volume copies, system restore points and backups from the system.
  • Windows Registry Changes — If configured so the virus sample will be able to create and modify existing entries to the Windows Registry. This will lead to issues such as performance problems, the inability to start certain functions and unexpected errors that may lead to data loss.
  • Additional Payload Delivery — Some of the .1500dollars files virus samples can be used to spread other threats: ransomware, Trojans, hijackers and etc.

The .1500dollars files virus will launch its final encryption phase once all components have finished running. It will use a built-in list of target file type extensions including the following:

multimedia files, backups, archives, databases, documents and etc.

The .1500dollars extension will be applied to all victim files and a ransomware note will be crafted in a text file to blackmail the victims to pay the hackers a decryption fee.

.1500dollars Files Virus – What Does It Do?

The .1500dollars Files Virus is a crypto virus programmed to encrypt user data. As soon as all modules have finished running in their prescribed order the lockscreen will launch an application frame which will prevent the users from interacting with their computers. It will display the ransomware note to the victims.

You should NOT under any circumstances pay any ransom sum. Your files may not get recovered, and nobody could give you a guarantee for that.

The .1500dollars Files Virus cryptovirus could be set to erase all the Shadow Volume Copies from the Windows operating system with the help of the following command:

→vssadmin.exe delete shadows /all /Quiet

If your computer device was infected with this ransomware and your files are locked, read on through to find out how you could potentially restore your files back to normal.

Remove .1500dollars Files Virus

If your computer system got infected with the .1500dollars Files ransomware virus, you should have a bit of experience in removing malware. You should get rid of this ransomware as quickly as possible before it can have the chance to spread further and infect other computers. You should remove the ransomware and follow the step-by-step instructions guide provided below.


Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts - Website

Follow Me:
TwitterGoogle Plus

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share