ESCANOR Ransomware
The ESCANOR Ransomware is a damaging threat designed to lock users out from accessing their own data. Malware of this type is mostly used in financially-motivated attack operations with the attackers' goal being the extortion of money from the impacted individual users or corporate entities. ESCANOR is capable of affecting a diverse range of file types - documents, images, archives, databases, photos, etc. All encrypted files will no longer be accessible.
The threat will append '.ESCANOR' to the original names of the locked files. Victims also will notice the appearance of an unfamiliar text file named 'HELP_DECRYPT_YOUR_FILES.txt' on the desktop of the infected device. The file contains a ransom note detailing the instructions of the threat actors responsible for the malware attack. According to the message, victims are expected to pay $980 in Bitcoins as ransom to the attackers. The money should be transferred to the provided crypto-wallet address. Victims also can send a single locked file to be decrypted for free by messaging the 'hxxp://www.escanor-re.com/' email address.
Victims of ransomware attacks need to be extremely careful when dealing with cybercriminals. After all, paying the demanded ransom is not a guarantee that the attackers will keep their end of the deal or that the decryptor tools they sent back will be able to successfully restore all of the impacted files.
The full text of ESCANOR Ransomware's note is:
'Oops All Of your important files were encrypted Like document pictures videos etc..
Don't worry, you can return all your files!
All your files, documents, photos, databases and other important files are encrypted by a strong encryption.How to recover files?
RSA is a asymmetric cryptographic algorithm, you need one key for encryption and one key for decryption so you need private key to recover your files. It’s not possible to recover your files without private key.
The only method of recovering files is to purchase an unique private key.Only we can give you this key and only we can recover your files.What guarantees you have?
As evidence, you can send us 1 file to decrypt by email We will send you a recovery file Prove that we can decrypt your filePlease You must follow these steps carefully to decrypt your files:
Send $980 worth of bitcoin to wallet: js97xc025fwviwhdg53gla97xc025fwv
after payment,we will send you Decryptor software
contact email: hxxp://www.escanor-re.com/Your personal ID:'
