Hi, last month I was able to follow the instructions to remove Xorist ransomware from my computer (firstname.lastname@example.org)
I saw the other thread that said the Black Mamba ransomware was Xorist, but the emsisoft software is not able to find a key for this. I have tried a pair of 334kb files and 6MB files, but no luck. The affected filename ends with either [.BLACK_MAMBA_Files@QQ.COM] or [BLACK_MAMBA_Files@QQ.COM.BLACK_MAMBA_Files@QQ] The strange thing is that sometimes it is only the file name that is affected and not always the filetype. When the filetype is changed, it is [BLACK_MAMBA_Files@QQ File]
It looks like the same message as the other thread so not sure what else to do. The software reaches 100% of key space exhausted and a message is displayed stating 'Files need to be at least 510 bytes long'.
All your important files were encrypted on this computer.You can verify this by click on see files an try open them.Encrtyption was produced using unique KEY generated for this computer.To decrypted files, you need to otbtain private key.The single copy of the private key, with will allow you to decrypt the files, is locate on a secret server on the internet;The server will destroy the key within 24 hours after encryption completed.REMEMBER YOU HAVE ONLY 24 HOURS TO PAY EVERITHING IS AUTOMATICALLY!To retrieve the private key, you need to pay 4 bitcoinsBitcoins have to be sent to this address: 1JjKYDsYrJGPCzLGGmFL8nM7AvUncd2wYWAfter you've sent the payment send us an email to : BLACK_MAMBA_Files@QQ.COM with subject : ERROR-ID-63100666(4BTC)If you are not familiar with bitcoin you can buy it from here :SITE : www.localbitcoin.comAfter we confirm the payment , we send the private key so you can decrypt your system.
Edited by Glib, 27 June 2017 - 08:18 PM.