Scorpion is ransomware that affects Microsoft Windows systems. It was submitted to the FMV (fan-made virus) series of the popular malware YouTuber Siam Alam. It was actually made by Arab TEC, a YouTube channel from Jordan that made videos about Visual Basic. The file is compressed in a ZIP archive that requires a password to extract; once extracted, it contains a Readme text file and the executable.

Payload

After the virus is executed, it cuts to a screen saying "Welcome to Scorpion Virus", followed by "Enter the code to unlock virus". The user then has 3 tries to enter the code correctly. If the user does not enter the correct code within three tries, it locks the computer on the virus screen.

Version 2

Payload

After the virus is executed, it restarts the computer. After the restart, the computer starts normally, but when the user attempts to log on, the screen is locked and a message appears saying:

"Welcome to Scorpion Virus"

The user then needs to wait for a red loading bar, after which a screen with a scorpion appears, saying:

"Scorpion is here"

Then a message saying:

"Ooops!Your computer has been locked! and all your files have been encrypted! you cannot do anything, just cry!."

The user then has 30 seconds to unlock the computer with a VIP Code.

If the user tries to open Task Manager via Ctrl+Alt+Del, they will get a message saying:

"Don't try that again."

Version 3

Payload

Version 3 completely changes the Scorpion virus. Instead of resetting the computer upon activation, the screen cuts to a cinematic sequence: first a broken/updated T.V. screen, then the scorpion logo going down until it finally stops, and the user is greeted with:

"welcome to scorpion virus"

A few seconds later, under that, another message appears. With good grammar it would read:

"Your computer is dead"

With bad grammar (this is what it actually says):

"Your computer is died"

If the user restarts the computer, it cuts to a black screen, despite the fact that there is nothing wrong with the registry. There are theories that it wipes out explorer.exe entirely.