Calvo Ransomware

The CALVO Ransomware is another malware threat belonging to the notorious Phobos Ransomware family. Although it shows no meaningful improvements or modifications compared with other members of that family, the CALVO Ransomware can easily lock users out of their computers by encrypting the files stored there with an uncrackable cryptographic algorithm. All affected files are renamed following the same pattern observed in other Phobos Ransomware variants: [Original Name].[Victim's ID].[Email Address].[Ransomware Extension]. The specific email address and file extension used by this threat are 'seamoon@criptext.com' and '.CALVO,' respectively.

Upon completing its encryption routine, the threat delivers its ransom note with instructions from the hackers. Calvo drops two files containing different versions of the note. Inside the 'info.txt' file, affected users will find an extremely truncated version of the note that simply instructs them to contact the aforementioned 'seamoon@criptext.com' email or, if they do not receive an answer within 24 hours, to try the 'seamoon@tutanota.com' address. Far more details are provided in the pop-up window generated from the 'info.hta' file. It clarifies that the first message sent by the victims must include in its title the ID string found inside the ransom note. The Calvo Ransomware's victims are also allowed to attach up to 5 files that will supposedly be decrypted for free. The files, however, cannot exceed a total non-archived size of 4MB and must not contain any valuable information. The exact sum of the ransom demanded by the hackers is not revealed, but the money must be transferred using the Bitcoin cryptocurrency.
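
The renaming pattern and the two note file names described above can be turned into a triage check over a file listing from a suspected host, which also recovers the original file names for an impact inventory. The following Python is an added example, not code from the original article; the optional square brackets around the email field, the free-form victim ID and the sample paths are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Indicators stated in the article.
EXTENSION = ".CALVO"
FILENAME_EMAIL = "seamoon@criptext.com"
NOTE_NAMES = {"info.txt", "info.hta"}

# [Original Name].[Victim's ID].[Email Address].[Ransomware Extension]
# Assumptions: the email field may be wrapped in square brackets, and the
# victim ID is any dot-free token (the article does not give its format).
RENAMED = re.compile(
    r"^(?P<original>.+)\.(?P<victim_id>[^.]+)\.\[?"
    + re.escape(FILENAME_EMAIL) + r"\]?" + re.escape(EXTENSION) + "$",
    re.IGNORECASE,
)

# Constructed sample listing (not real telemetry).
SAMPLE_LISTING = [
    r"C:\Users\a\Documents\report.docx.id[1A2B3C4D-0001].[seamoon@criptext.com].CALVO",
    r"C:\Users\a\Documents\info.txt",
    r"C:\Users\a\Pictures\holiday.CALVO",
    r"C:\Tools\info.txt",
]

def parse_encrypted_name(filename):
    """Return (original_name, victim_id) for a renamed file, else None."""
    m = RENAMED.match(filename)
    return (m.group("original"), m.group("victim_id")) if m else None

def triage(paths):
    """Group renamed files by victim ID and flag co-located ransom notes."""
    report = {"encrypted": defaultdict(list), "partial": [], "notes": []}
    listing = [PureWindowsPath(p) for p in paths]
    hit_dirs = set()
    for p in listing:
        parsed = parse_encrypted_name(p.name)
        if parsed:
            report["encrypted"][parsed[1]].append(str(p.with_name(parsed[0])))
            hit_dirs.add(p.parent)
        elif p.name.upper().endswith(EXTENSION):
            # Extension matches but the ID/email fields do not: review by hand.
            report["partial"].append(str(p))
    for p in listing:
        # 'info.txt' is a common name, so only count notes beside renamed files.
        if p.name.lower() in NOTE_NAMES and p.parent in hit_dirs:
            report["notes"].append(str(p))
    return report
```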

The full text of the ransom note displayed in the pop-up window is:

All your files have been encrypted!
All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail seamoon@criptext.com
Write this ID in the title of your message -
In case of no answer in 24 hours write us to this e-mail:seamoon@tutanota.com
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment we will send you the tool that will decrypt all your files.
Free decryption as guarantee
Before paying you can send us up to 5 files for free decryption. The total size of files must be less than 4Mb (non archived), and files should not contain valuable information. (databases,backups, large excel sheets, etc.)
How to obtain Bitcoins
The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click 'Buy bitcoins', and select the seller by payment method and price.
https://localbitcoins.com/buy_bitcoins
Also you can find other places to buy Bitcoins and beginners guide here:
hxxp://www.coindesk.com/information/how-can-i-buy-bitcoins/
Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.