Threat Database Ransomware EnCrypt Ransomware

EnCrypt Ransomware

By GoldSparrow in Ransomware

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 437
First Seen: July 6, 2017
Last Seen: June 23, 2022
OS(es) Affected: Windows

The EnCrypt Ransomware is an encryption ransomware Trojan, a category of threats that work by taking the victim's files hostage. To do this, the EnCrypt Ransomware will use a strong encryption algorithm to encrypt the affected files, preventing the victim from accessing the encrypted data. Once the EnCrypt Ransomware has encrypted the victim's files, it will demand a ransom from the victim in exchange for the decryption key or program necessary to recover the affected files. There are many ways in which threats like the EnCrypt Ransomware may be distributed to victims. The most ordinary of them is the use of corrupted email attachments, which are delivered using spam messages to victims. These email attachments will carry documents with enabled macros, which will download and install the EnCrypt Ransomware onto the victim's computer.

The Uninspired Name of the EnCrypt Ransomware

While threats like the EnCrypt Ransomware can be delivered in a variety of ways (such as entering the victim's computer directly, through the use of websites infected with exploit kits, or bogus downloads on peer-to-peer file sharing networks), the most common delivery method is the use of corrupted DOCX files, which will use macros to install the EnCrypt Ransomware on the victim's computer. Once the EnCrypt Ransomware is installed on the victim's computer, it will scan the victim's drives for files to encrypt. The EnCrypt Ransomware will encrypt the files on the victim's drives, as well as on all storages associated with the infected PC, including removable memory devices connected to the infected computer and directories shared on a network.

How Con Artists may Profit from the EnCrypt Ransomware

The EnCrypt Ransomware will use a strong encryption algorithm to make the victim's files inaccessible. Apart from doing this, the EnCrypt Ransomware also will delete the Shadow Volume Copies of the affected files and other possible recovery methods. After doing this, the EnCrypt Ransomware will display a ransom note on the infected computer, which demands the payment of a ransom, informs the victim of the attack, and provides instructions on how to carry out the payment. Bellow is the full text of the EnCrypt Ransomware's ransom note:

The only way to decrypt your files is to receive the private key and decryption program.
To decrypt your files you need to buy the private key
1. Create a Bitcoin Wallet (
2. Buy necessary amount of Bitcoins (50$)
Do not forget about the transaction commission in the Bitcoin network
Here are our recommendations: - Bitcoin, Ethereum & Ripple Trading In Korea - A good service for Europe - Get BTC via Visa / MC or SEPA (EU) bank transfer - This service allows you to search for people that want to sell Bitcoins directly (WU, Cash, SEPA, Paypal, etc). - Buy Bitcoins using Visa / Mastercard or Wire Transfer. - It is recommended for the fast and easy service. Payment methods: Western Union, Bank of America, cash through FedEx, Moneygram, and/or wire transfer - Old and proven Bitcoin dealer - Visa/Mastercard - Bitcoins dealer (Visa/Mastercard, etc.)
Could not find Bitcoins in your region? Try searching here: International catalog of Bitcoins exchanges - Another Bitcoins sellers catalog - International catalog of Bitcoins exchanges - A catalog for the European Union
3. Send 50$ to the following Bitcoin address:
4. Go to the following site:
5. In there site insert:
ID ([redacted])
Your btc address (the same utilized for the payment)
Your email address (to receive the key and the program for decrypt)
6. Wait 24/48h and check your email (also the spam)
1. Download "Tor Browser" from and install it.
2. In the "Tor Browser" open:
Note! This page is available via "Tor Browser" only.
Also you can use temporary addresses without using "Tor Browser".

Do not Pay the EnCrypt Ransomware Ransom

The EnCrypt Ransomware demands the equivalent of $50 USD through Bitcoins. PC security researchers strongly advise computer users to refrain from paying the EnCrypt Ransomware ransom since this serves only to allow con artists to develop further ransomware variants. Since attacks like the EnCrypt Ransomware are becoming more common increasingly, take preventive measures, such as having file backups and installing a reliable security program that is fully up-to-date to avoid an infection.

Related Posts


Most Viewed