.AESIR File Extension

Locky Ransomware Encrypted File

Developer N/A
Popularity
2.0  |  1 Vote
 

What is a AESIR file?

A file with a .aesir extension is a file encrypted by the Locky trojan horse virus utilized by cybercriminals. It contains a user's file, such as an .AVI or .XLSX file, encrypted with the RSA algorithm and AES-128 ciphers. AESIR files became prevalent in 2016 as a Locky Virus variant and are nearly identical to .LOCKY and .ODIN files.

More Information

The Locky virus is malware, known as ransomware. The purpose of the virus is to take a victim's files hostage and force them to pay the perpetrator (by way of Bitcoin) to unlock their files.

How the Locky virus affects files

The Locky virus is a trojan horse that typically enters a victim's computer through a spam email attachment. For example, the cybercriminal may send an email disguised as a notice from the victim's ISP with a .ZIP file attachment (the attachment is likely named logs_[victim_name].zip).

Once the virus affects their computer, it scrambles, renames, and encrypts their files. The virus then generates three files on the user's computer desktop (and changes the desktop wallpaper):

  • INSTRUCTION.bmp
  • INSTRUCTION.html
  • 1-INSTRUCTION.html

The files include messages informing the victim of the takeover and what they need to do to recover their files (typically by paying a Bitcoin ransom).

Common AESIR Filenames

[8 random characters]-[4 random characters]-[4 random characters]-[4 random characters]-[12 random characters].aesir - Encrypted files are renamed with a sequence of random characters followed by the .aesir file extension. For example, a example.mp4 file becomes RD435A7S-86O2-Y826-2IV7-2J84X3TM6N9E.aesir.

How to open a AESIR file

There is no program currently available to restore AESIR files to their original state. If you back up your files you can execute a full system restore.

Warning

FileInfo.com recommends you never pay a ransom to decrypt files encrypted by ransomware. Paying a ransom encourages ransomware distributors to continue their efforts, and there is no guarantee you will gain access to your files upon paying the ransom. Instead, you should restore your data from a recent backup created before the ransomware infected your computer.

Open over 400 file formats with File Viewer Plus.Free Download

Programs that open AESIR files

Windows
System Restore

Verified by FileInfo.com

The FileInfo.com team has independently researched the Locky Ransomware Encrypted file format and Windows apps listed on this page. Our goal is 100% accuracy and we only publish information about file types that we have verified.

If you would like to suggest any additions or updates to this page, please let us know.

‹ .AES  |  .AET ›