A new version of TeslaCrypt has been released that utilizes the same .ccc extension for encrypted files but now uses a different ransom note name.  According to TeslaDecoder developer BloodDolly, this variant was released on October 13th, 2015 and is version 2.2.0 of the TeslaCrypt family. Unfortunately, unless you capture the encryption key at the time of the infection there is no way of decrypting your files without paying the ransom. This variant also continues to use vssadmin.exe to clear the victim's Shadow Volume Copies.

Just like previous versions, this version will continue to create ransom notes in each folder that a file has been encrypted. The new ransom note names that are being used are _how_recover_<3 letter id>.HTML and _how_recover_<3 letter id>.TXT. For example,  _how_recover_jal,html, as shown below.

TeslaCrypt Ransom Note
TeslaCrypt Ransom Note - Click to Enlarge

If any new information about this version is discovered, we will be sure to post about it.

Related Articles:

Former Microsoft Engineer Gets 18 Months in Prison for Role in Ransomware Scheme

New Cmb Dharma Ransomware Variant Released

The Week in Ransomware - August 10th 2018 - BitPaymer & KeyPass

New KeyPass Ransomware Campaign Underway

The PGA Possibly Infected With the BitPaymer Ransomware