Samples of any encrypted files, ransom notes or suspicious executables (installer, malicious files, attachments) that you suspect were involved in causing the infection can be submitted here
) with a link to this topic.Kangaroo Ransomware is a variant of Apocalypse
You can submit samples of encrypted files and ransom notes to ID Ransomware
for assistance with identification and confirmation. This is a service that helps identify what ransomware may have encrypted your files and then attempts to direct you to an appropriate support topic where you can seek further assistance. Uploading both encrypted files and ransom notes together provides a more positive match and helps to avoid false detections.
Fabian Wosar has released decrypters for Apocalypse and older variants of this infection but the cyber-criminals have fixed flaws and updated their malware so newer variants of this ransomware may not be decryptable
There are ongoing discussions in these topics where you can ask questions and seek further assistance. Other victims have been directed there to share information, experiences and suggestions.
Rather than have everyone with individual topics, it would be best (and more manageable for staff) if you posted any more questions, comments or requests for assistance in one of the above support topic discussion...it includes experiences by experts, a variety of IT consultants, end users and company reps who have been affected by ransomware infections. To avoid unnecessary confusion, this topic is closed.
If you need individual assistance only with removing the malware infection
, follow the instructions in the Malware Removal and Log Section Preparation Guide
...all other questions or comments should be posted in the support topics. When you have done that, start a new topic and post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum
, NOT here
, for assistance by the Malware Response Team.
The BC Staff
I merged and closed two other related topics. If you are confused by my instructions, please send me a PM.