Matrix virus, alternatively called as ransomware, functions as a crypto-Trojan. Matrix Ransomware has the worm like features that allow it to spread outside of the originally infected machine via Windows shortcuts. This malware appends “.matrix” or “.b10cked” extension to the name of every encrypted file. For instance, “sample.jpg” is renamed to “sample.jpg.matrix”. Following successful encryption, Matrix creates a text file “matrix-readme.rtf” (newer variants drop “Readme-Matrix.rtf” fileor “WhatHappenedWithMyFiles.rtf”) and places it in every folder containing ransom demanding message.


while performing the encryption, Matrix will hide a folder and then create a shortcut with the same name. It will then make a copy of the ransomware executable and save it as desktop.ini in the original:

Clicking on any shortcut will launch the malware program.

Files associated with the Matrix Ransomware:
%UserProfile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\[random].hta

Network Communication:

With increase in everyday Ransomware activity, users are highly recommended to back up the files on daily basis to minimize loss of data and use a good anti virus program such Max Total Security which can take daily backup with highly configuration options for users.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>