Sckmedady Ransomware

Sckmedady is a ransomware threat that encrypts files on infected devices. As part of its threatening activities, it modifies the filenames after the encryption, appending a specific extension. The new names of the files include the docexkonc@gmail.com email address, a string of random characters and finally, the ".sckmedady" extension. For instance, a file named "1.jpg" would be changed to "1.jpg.[docexkonc@gmail.com][MJ-JS8403912576].sckmedady". Researchers have found out that Sckmedady belongs to a ransomware family called VoidCrypt.

As typical for this threat type, the Sckmedady Ransomware creates a ransom note, in this case in a text file named "Read-Me.txt." In the ransom note, the attackers instruct victims to find the "prvkey.txt.key" file in the ProgramData folder located in the "C" drive (or elsewhere) and send it to the email address docexkonc@gmail.com. The message also warns that there is no way to decrypt the locked files without paying the ransom.

Unfortunately, after a successful ransomware attack, the affected files can be restored only if victims have a backup on a remote server or a separate storage device. Rarely, a decryption tool is available for free on the Internet. Nevertheless, a ransom should never be paid as there are no guarantees that the crooks will provide a decryption tool as they promise.

Sckmedady Ransomware’s ransom note contains the following text:

'All Your Files Has Been Encrypted

You Have to Pay to Get Your Files Back

1-Go to C:\ProgramData\ or in Your other Drives   and send us prvkey.txt.key  file 

2-You can send some file little than 1mb for Decryption test to trust us But the test File should not contain valuable data

3-Payment should be with Bitcoin

4-Changing Windows without saving prvkey.txt.key file will cause permanete Data loss

Our Email:  docexkonc@gmail.com

in Case of no Answer: docexkonc@gmail.com.'