There's no way to really identify that without the ransom note or the malware itself. There's no filemarkers, and the extension is most likely random.
I'm currently taking a look at the executable you provided, trying to identify which one it is exactly. No filemarkers are tagged by ID Ransomware, so I'm a little confused on which variant it is.
Happy new year!
Any update on my case please ?
May I still can have hope of a solution from you ?
Edited by jaxnatax, 10 January 2018 - 05:58 AM.