Unique Ransomware

The Unique Ransomware is a threatening malware tool that cybercriminals can use to encrypt the data of their victims. These malignant threats are typically deployed as part of financially-motivated attacks, where the threat actors use the locked data of their victims as a way to extort the affected users or corporate organizations for money. Analysis of the Unique Ransomware has revealed that despite its name, the threat is, in fact, not a unique malware. Instead, it is another variant belonging to the Phobos Ransomware family.

Victims of the threat will notice that nearly all of their data stored on the infected devices is now completely unusable. In addition, the names of the impacted files will be modified significantly. The Unique Ransomware will first attach an ID string to the file names. Then, it will add the 'uniqueproject@xsmail.com' email address. Finally, '.unique' will be appended as a new file extension. Two ransom notes will be dropped on the victim's device as two files named 'info.hta' and 'info.txt.'

The text file contains just a couple of sentences, mainly telling the victims of the Unique Ransomware to contact either the 'uniqueproject@xsmail.com' or 'uniqueproject@fastmail.com' email addresses. The main ransom-demanding message will be displayed in a pop-up window. It states that the attackers will accept only ransom payments made using the Bitcoin cryptocurrency. Victims also are informed that they can send up to 5 files to be decrypted for free. However, the chosen files must have a total size of less than 4MBs and should not contain any important data.

The full text of the ransom note shown in a pop-up window is:

'All your files have been encrypted!
All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail uniqueproject@xsmail.com
Write this ID in the title of your message -
In case of no answer in 24 hours write us to this e-mail:uniqueproject@fastmail.com
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment we will send you the tool that will decrypt all your files.
Free decryption as guarantee
Before paying you can send us up to 5 files for free decryption. The total size of files must be less than 4Mb (non archived), and files should not contain valuable information. (databases,backups, large excel sheets, etc.)
How to obtain Bitcoins
The easiest way to buy bitcoins is LocalBitcoins site. You have to register, click 'Buy bitcoins', and select the seller by payment method and price.
hxxps://localbitcoins.com/buy_bitcoins
Also you can find other places to buy Bitcoins and beginners guide here:
hxxp://www.coindesk.com/information/how-can-i-buy-bitcoins/
Attention!
Do not rename encrypted files.
Do not try to decrypt your data using third party software, it may cause permanent data loss.
Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.

Unique Ransomware's text file contains the following message:

!!!All of your files are encrypted!!!
To decrypt them send e-mail to this address: uniqueproject@xsmail.com.
If we don't answer in 24h., send e-mail to this address: uniqueproject@fastmail.com'