ID Ransomware Case ID:
Please reference this case SHA1: a280c09964c30af9c04d257bac9fdeff61ebbb33
Unable to determine ransomware.
The ransome note is as follows (pretty generic);
I followed the link via Torbrowser and they are currently asking for 1.5 BitCoin (more or less 900.00 €)
Your Files were encrypted
Decrypting files is only possible with the help of the private key and decrypt program which is on our secret server:
1. Open your browser and type https://www.torproject.org/download/download-easy.html.en . Download "tor browser" for windows.
If you can't open page above then go to https://www.torproject.org and click button Download.
You will be redirected you to page where you see 'Tor Browser for Windows'. Download "Tor Browser" for Windows.
2. Install it and run it. Seldom people can't install tor browser from links above. If you can't install it then download and unpack already installed tor browser:
3. Type in the address bar www.zkfykr6ipkegpgyv.onion/start.php and open our secret tor website.
4. Secret tor website will ask to input your public key.
5. Input your public key. Follow the instructions.
Your public key
We advice to rewrite this public key and tor hidden address to other relible place because in the
future your antivirus software possible can delete all created messages on your computer that
contains your public key and this tor hidden address.
If you have problems while installing or downloading tor browser or opening our hidden onion site then remove or disable
your antivirus (it can prohibit actions with tor browser) or try do it on other computer.
Remember that you can browse www.youtube.com and search video where you can find how to install 'tor browser'.
If you still can't open our secret hidden tor site then you should
1. Open https://mail.google.com (use your usual browser: (GoogleChrome, Opera, Firefox, ...)
2. If you don't have .....@gmail account then you need sign up. You will have google (.....@gmail) account.
3. Compose letter and send it to email@example.com . In letter you need type us your public key (see this key above).
4. Soon we will send you information what you need to do to decrypt your files.
Remark for you:
You can compose and send letter using other mail provider (.....@aol.com .....@yahoo.com or other), but we
don't advice you use them because we are not confident that we will receive your message.
- - -
Thanks again and best regards from sunny Portugal!