Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


How to GET the moneypak virus

  • Please log in to reply
1 reply to this topic

#1 jm2080


  • Members
  • 1 posts
  • Local time:12:10 PM

Posted 02 September 2013 - 03:06 PM

I have had many users, on various networks, get the notorious moneypak ransomware virus. Only 1 was ended by simply ending a certain process, and other were a lot heavier infected. Upon partial removal, explorer won't start automatically and this seems to be most common outcome. I was wondering, how does one GET the moneypak virus? I would like to have it on my computer so I can practice with it and get a better understanding on how to troubleshoot it. I have a computer with no important data on it that I use for these kind of things and format it after everything anyways, it is currently waiting for my next test.
Any ideas would be nice.

Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)


#2 Elise


    Bleepin' Blonde

  • Malware Study Hall Admin
  • 61,434 posts
  • Gender:Female
  • Location:Romania
  • Local time:07:10 PM

Posted 02 September 2013 - 03:35 PM


While I understand why you would like to get a dropper for this type of malware, unfortunately it is not possible for us to help you. Let me explain why:

Firstly, at BleepingComputer we help combat and remove malware, we do not distribute it. There are dedicated (and legitimate) sites that do this and I suggest you look there for samples.


Second, and this is a much more practical reason, while "moneypak ransomware" seems one infection, in fact there are many different variants. Each variant has its own way of infecting the system, used files folders, used registry loading points and so on. The files/registry settings involved are often not even comparable. However, if you want to get a good idea of what various variants do, you can look at the Ransomware removal guides BC offers, these contain a list of changes made to the computer as well. 


Finally, especially when it comes to ransomware, if you want to test, do yourself a favor and use a Virtual Machine (like free Virtualbox) and not a real machine. VMs allow for the use of snapshots, an easy way to restore your machine to a working state in a minute, which is a lot more convenient when something goes wrong than reimaging an actual computer.

regards, Elise

"Now faith is the substance of things hoped for, the evidence of things not seen."


Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome


Malware analyst @ Emsisoft



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users