'sqqsdr01@keemail.me' Ransomware

By GoldSparrow in Ransomware

The 'sqqsdr01@keemail.me' Ransomware is an encryption ransomware Trojan that seems to be based on the Creeper Ransomware, a ransomware Trojan observed in March of 2018. The first instances of this variant were observed on August 18, 2018. There have been several updates to the original threat in this family. The 'sqqsdr01@keemail.me' Ransomware, like most encryption ransomware Trojans, is designed to take the victim's files captive and then demand a ransom payment in exchange for returning access to the affected files.

Symptoms of a 'sqqsdr01@keemail.me' Ransomware Infection

The 'sqqsdr01@keemail.me' Ransomware is designed to take over the victim's files, using a strong encryption algorithm to make them completely inaccessible. The 'sqqsdr01@keemail.me' Ransomware marks every file it encrypts by adding the file extension '.crypton'. This file extension has been observed in other encryption ransomware Trojans, particularly Crypton Ransomware, although there is no relationship between them and the 'sqqsdr01@keemail.me' Ransomware. The 'sqqsdr01@keemail.me' Ransomware targets user-generated files, which may include many types of documents, media files, databases, and other data. The following are examples of the types of files that threats like the 'sqqsdr01@keemail.me' Ransomware will target in these kinds of attacks:

.ebd, .jbc, .pst, .ost, .tib, .tbk, .bak, .bac, .abk, .as4, .asd, .ashbak, .backup, .bck, .bdb, .bk1, .bkc, .bkf, .bkp, .boe, .bpa, .bpd, .bup, .cmb, .fbf, .fbw, .fh, .ful, .gho, .ipd, .nb7, .nba, .nbd, .nbf, .nbi, .nbu, .nco, .oeb, .old, .qic, .sn1, .sn2, .sna, .spi, .stg, .uci, .win, .xbk, .iso, .htm, .html, .mht, .p7, .p7c, .pem, .sgn, .sec, .cer, .csr, .djvu, .der, .stl, .crt, .p7b, .pfx, .fb, .fb2, .tif, .tiff, .pdf, .doc, .docx, .docm, .rtf, .xls, .xlsx, .xlsm, .ppt, .pptx, .ppsx, .txt, .cdr, .jpe, .jpg, .jpeg, .png, .bmp, .jiff, .jpf, .ply, .pov, .raw, .cf, .cfn, .tbn, .xcf, .xof, .key, .eml, .tbb, .dwf, .egg, .fc2, .fcz, .fg, .fp3, .pab, .oab, .psd, .psb, .pcx, .dwg, .dws, .dxe, .zip, .zipx, .7z, .rar, .rev, .afp, .bfa, .bpk, .bsk, .enc, .rzk, .rzx, .sef, .shy, .snk, .accdb, .ldf, .accdc, .adp, .dbc, .dbx, .dbf, .dbt, .dxl, .edb, .eql, .mdb, .mxl, .mdf, .sql, .sqlite, .sqlite3, .sqlitedb, .kdb, .kdbx, .1cd, .dt, .erf, .lgp, .md, .epf, .efb, .eis, .efn, .emd, .emr, .end, .eog, .erb, .ebn, .ebb, .prefab, .jif, .wor, .csv, .msg, .msf, .kwm, .pwm, .ai, .eps, .abd, .repx, .oxps, .dota.

Once the 'sqqsdr01@keemail.me' Ransomware has encrypted the victim's files, they will no longer be recoverable without the decryption key. The victims are invited to contact the criminals via the email address 'sqqsdr01@keemail.me', which is provided in a ransom note contained in a text file named 'DECRIPT_FILES.txt'. The following is the full text of the 'sqqsdr01@keemail.me' Ransomware's ransom note:

'Decrypting your files is easy. Take a deep breath and follow the steps below.
1 ) Make the proper payment.
Payments are made in Monero. This is a crypto-currency, like bitcoin.
You can buy Monero, and send it, from the same places you can any other
crypto-currency. If you're still unsure, google 'monero exchange'.
Sign up at one of these exchange sites and send the payment to the address below.
Payment Address (Monero Wallet):
[95 characters address]
2 ) Farther you should send your ip address to email address sqqsdr01@keemail.me
Then you will receive all necessary key.
Prices :
Days : Monero : Offer Expires
0-2 : 500$ : [date of infection]
3-6 : 1000$ : [4 days after infection]
Note: In 7 days your password decryption key gets permanently deleted.
You then have no way to ever retrieve your files. So pay now.'

Dealing with the 'sqqsdr01@keemail.me' Ransomware

The instructions in the 'sqqsdr01@keemail.me' Ransomware's ransom note should be ignored, and contact with the criminals responsible for the 'sqqsdr01@keemail.me' Ransomware or the payment of the ransom should be avoided. Instead, the files encrypted by the 'sqqsdr01@keemail.me' Ransomware should be restored from backup copies. Apart from file backups, a security program is an essential part of keeping your data safe.
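
To scope what has to be restored from backup, the following added example (not code from the original article or from any vendor tool) walks a directory tree for the indicators named above: the '.crypton' extension, the 'DECRIPT_FILES.txt' note, and the contact address. Because '.crypton' is shared with the unrelated Crypton Ransomware, it attributes a hit to this variant only when the note containing the address is also present. It assumes the extension is appended to the original file name; the sample tree is constructed.

```python
import os
import tempfile
from collections import Counter

# Indicators taken from the article text.
ENCRYPTED_EXT = ".crypton"
NOTE_NAME = "DECRIPT_FILES.txt"
CONTACT = "sqqsdr01@keemail.me"

def triage(root):
    """Walk root and summarise indicators of this ransomware variant."""
    encrypted, notes, original_types = [], [], Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            lower = name.lower()
            if lower.endswith(ENCRYPTED_EXT):
                encrypted.append(path)
                # Assumed naming: report.docx.crypton -> original type .docx
                inner = os.path.splitext(name[: -len(ENCRYPTED_EXT)])[1].lower()
                original_types[inner or "(none)"] += 1
            elif lower == NOTE_NAME.lower():
                try:
                    with open(path, "r", errors="replace") as fh:
                        text = fh.read(65536).lower()
                except OSError:
                    text = ""  # unreadable note: record it, contact unconfirmed
                notes.append((path, CONTACT in text))
    # The extension alone is not attribution; require the note with the contact.
    if encrypted and any(has_contact for _path, has_contact in notes):
        verdict = "matches-variant"
    elif encrypted or notes:
        verdict = "needs-review"
    else:
        verdict = "clean"
    return {"verdict": verdict, "encrypted": encrypted,
            "notes": notes, "original_types": dict(original_types)}

def build_sample(root):
    """Constructed sample tree (empty placeholder files, no real data)."""
    os.makedirs(os.path.join(root, "docs"))
    for name in ("report.docx.crypton", "db.sqlite.crypton", "ok.txt"):
        open(os.path.join(root, "docs", name), "w").close()
    with open(os.path.join(root, NOTE_NAME), "w") as fh:
        fh.write("send your ip address to email address " + CONTACT)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as sample_root:
        build_sample(sample_root)
        print(triage(sample_root))
```

The `original_types` count shows which kinds of files need to come back from backup, and a `needs-review` verdict marks trees where only one of the indicators was found.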
