Any files that are encrypted with BTCLocker Ransomware
will have the .btc
extension appended to the end of the encrypted data filename but that infection is a year old and the ransom note it leaves is different than yours.
The best way to identify the different ransomwares is the ransom note
(including it's name), samples of the encrypted files
, any obvious extensions appended
to the encrypted files, information related to any email addresses
provided by the cyber-criminals to request payment and the malware file
responsible for the infection.
You can submit (upload) samples of encrypted files, ransom notes and any contact email addresses or hyperlinks provided by the cyber-criminals toID Ransomware
for assistance with identification
. This is a service that helps identify what ransomware may have encrypted your files and then attempts to direct you to an appropriate support topic where you can seek further assistance. Uploading both
encrypted files and ransom notes together provides a more positive match and helps to avoid false detections. Any contact email addresses or hyperlinks provided by the criminals may also be helpful with identification. If ID Ransomware cannot identify the infection, you can post the case SHA1
it gives you in your next reply for Demonslay335
to manually inspect the files.