CryptConsole Ransomware Overview[]
The CryptConsole ransomware is a scareware malware which has been used in several attack campaigns. Its encryption engine only renames the affected file types.
CryptConsole Ransomware Note[]
Your files are encrypted!
Your personal ID
764F6A6664514B414373673170615339554A534A5832546A55487169644B4A35
Discovered a serious vulnerability in your network security.
No data was stolen and no one will be able to do it while they are encrypted.
For you we have automatic decryptor and instructions for remediation.
How to get the automatic decryptor:
1) Pay 0,25 BTC
Buy BTC on one of these sites:
bitcoin adress for pay:
1KG8rWYWRYHfvjVe8ddEyJNCg6HxVWYSQm
Send 0,25 BTC
2) Send screenshot of payment to unCrypte@outlook.com. In the letter include your personal ID (look at the beginning of this document).
3) You will receive automatic decryptor and all files will be restored
* To be sure in getting the decryption, you can send one file (less than 10MB) to unCrypte@outlook.com In the letter include your personal ID (look at the beginning of this document). But this action will increase the cost of the automatic decryptor on 0,25 btc…
Attention!
No Payment = No decryption
You really get the decryptor after payment
Do not attempt to remove the program or run the anti-virus tools
Attempts to self-decrypting files will result in the loss of your data
Decoders other users are not compatible with your data, because each user’s unique encryption key
CryptConsole Ransomware Distribution[]
The CryptConsole ransomware is distributed using the mainstream distribution methods. Spam email messages are a suspect as they often use social engineering tricks to lure the targets into opening infected attachments or hyperlinks.