- Home
- Detectable Ransomware
- Parasite
Ransomware Research
Parasite Ransomware
Parasite is a malicious ransomware strain that encrypts victim files and demands ransom payment for decryption. First observed in the wild on January 1, 2021, this ransomware has been actively targeting systems worldwide. Security researchers also track this malware under the aliases: SharpCrypter, Paralock.
Quick Facts
- Ransomware Family
- Parasite
- First Seen
- January 1, 2021
- Known Aliases
- SharpCrypterParalock
How Parasite Ransomware Works
Targeted Files
8d2f2ee24882afe11f50e3d6d9400e35fa66724b321cb9f5a246baf63cbc1788 -> destroys files (.betarasite) 98eb1b7b7ba17e72f08da1f627e7b56edf55356876e266c7eaff616cf041f925 -> need param "rsa" to work
File Encryption Patterns
Parasite modifies encrypted files using specific patterns to mark them as encrypted:
File extensions added after encryption:
..parasite
..betarasite
..paras1te
..paralock
..arazite
..RansomTrojanLock
..jpghosts
..phantom
..0x0M4R
Ransom Note and Payment Demands
After encrypting files, Parasite displays ransom notes demanding payment for file recovery:
@READ_ME_FILE_ENCRYPTED@.html
Ransom message:
notes/@READ_ME_FILE_ENCRYPTED@.html
Note locations:
UserFolders
info.hta
Ransom message:
notes/info.hta
Note locations:
UserFolders
HOW_CAN_GET_FILES_BACK.txt
Ransom message:
notes/HOW_CAN_GET_FILES_BACK.txt
Note locations:
RootDiscs
___RECOVER__FILES__.RansomTrojanLock.txt
Ransom message:
notes/___RECOVER__FILES__.RansomTrojanLock.txt
HOW_CAN_GET_FILES_BACK.rtf
Ransom message:
notes/HOW_CAN_GET_FILES_BACK.rtf
Note locations:
RootDiscs
Technical Indicators
Associated Executable Files
The following executable files are associated with Parasite ransomware:
pdjfs.exe
prs.exe
Adobe Reader.exe
98561.exe
svchost.exe
X.exe
X.bin
speedo.exe
x65454.exe
jjlylwvw.exe
___________.exe
有和人这中大为上个国.exe
1.exe
$.exe
1.bin.exe
ngg0to4u.exe
SchoolPrject1.exe
Ghost.exe
Jpghosts.log
TaskHost.exe
98561.exe
Elastio Can Help You
Don't let Parasite ransomware take over your data
Elastio provides advanced ransomware protection and recovery solutions to keep your organization safe.
About This Analysis
This Parasite ransomware analysis is part of Elastio's comprehensive ransomware detection database. Elastio provides advanced ransomware protection and recovery solutions, helping organizations defend against and recover from ransomware attacks like Parasite.
Last updated: July 30, 2025