Multi-Device Licenses (Volume Discounts)
Threat Database Ransomware Gqlmcwnhh Ransomware

Gqlmcwnhh Ransomware

By CagedTech in Ransomware
Translate To:
English

Gqlmcwnhh is a ransomware belonging to the Snatch malware family. It is capable of encrypting data and renaming files by appending the '.gqlmcwnhh' extension. For example, a file named "Photo1.jpg" would be renamed to '1.jpg.gqlmcwnhh,' and so on for any other files present in the system.

In addition, it drops a ransom note titled 'HOW TO RESTORE YOUR FILES.TXT' upon successful encryption. The encoded files are inaccessible and can only be recovered upon payment of a ransom. Hence, it is important to remain vigilant and ensure that all personal data is backed up and kept secure in order to avoid any such malicious activity.

Gqlmcwnhh Ransomware' note informs victims that their files have been encrypted and that they should contact the email addresses provided to return them - 'Toni.morrison13@tutanota.com.com' and 'Frank.Sinatra1010@protonmail.com.' The subject line of the victim's email must include either an encryption extension or the name of the breached company. Up to 3 files not exceeding 1 MB each can be sent for free decryption, however, important information such as databases, backups, and large Excel spreadsheets should not be included. A customer service TOX ID is also provided in case support does not respond. Finally, it is recommended that an email address from Protonmail or Tutanota is used instead of public services such as Gmail in order to avoid messages being blocked.

The full text of Gqlmcwnhh Ransomware's demands is:

Hello!
All your files are encrypted, write to me if you want to return your files - I can do it very quickly!
Contact me by email:
Toni.morrison13@tutanota.com.com or Frank.Sinatra1010@protonmail.com

The subject line must contain an encryption extension or the name of your company!
Do not rename encrypted files, you may lose them forever.
You may be a victim of fraud. Free decryption as a guarantee.
Send us up to 3 files for free decryption.
The total file size should be no more than 1 MB! (not in the archive), and the files should not contain valuable information. (databases, backups, large Excel spreadsheets, etc.)
!!! Do not turn off or restart the NAS equipment. This will lead to data loss !!!

To contact us, we recommend that you create an email address at protonmail.com or tutanota.com
Because gmail and other public email programs can block our messages!

===========================================================
Customer service TOX ID: 0FF26770BFAEAD95194506E6970CC1C 395B04159038D785DE316F05CE6DE67324C6038727A58
Only emergency! Use if support is not responding

Trending

Most Viewed

Loading...