Ransomware Wiki
Ransomware Wiki

CryptConsole Ransomware Overview[]

The CryptConsole ransomware is a scareware malware which has been used in several attack campaigns. Its encryption engine only renames the affected file types.

CryptConsole Ransomware Note[]

Your files are encrypted!

Your personal ID

764F6A6664514B414373673170615339554A534A5832546A55487169644B4A35

Discovered a serious vulnerability in your network security.

No data was stolen and no one will be able to do it while they are encrypted.

For you we have automatic decryptor and instructions for remediation.

How to get the automatic decryptor:

1) Pay 0,25 BTC

Buy BTC on one of these sites:

https://localbitcoins.com

https://www.coinbase.com

https://xchange.cc

bitcoin adress for pay:

1KG8rWYWRYHfvjVe8ddEyJNCg6HxVWYSQm

Send 0,25 BTC

2) Send screenshot of payment to unCrypte@outlook.com. In the letter include your personal ID (look at the beginning of this document).

3) You will receive automatic decryptor and all files will be restored

* To be sure in getting the decryption, you can send one file (less than 10MB) to unCrypte@outlook.com In the letter include your personal ID (look at the beginning of this document). But this action will increase the cost of the automatic decryptor on 0,25 btc…

Attention!

No Payment = No decryption

You really get the decryptor after payment

Do not attempt to remove the program or run the anti-virus tools

Attempts to self-decrypting files will result in the loss of your data

Decoders other users are not compatible with your data, because each user’s unique encryption key

CryptConsole Ransomware Distribution[]

The CryptConsole ransomware is distributed using the mainstream distribution methods. Spam email messages are a suspect as they often use social engineering tricks to lure the targets into opening infected attachments or hyperlinks.

CryptConsole Ransomware Removal[]

In-depth removal instructions and detailed technical information about the virus can be found on Best Security Search.