I have a client hit with a ransomware virus that encrypted all his data and converted it all to the following format:
(filename)[email protected]
I know this is a Russian virus, and I know that the BAA14811 part is the unique infection ID. However I've been unable to find the HTML files it generates upon completion. Perhaps the virus never completed its work. Anyway, the client's entire law firm is stored on this drive, all backups failed, so they are willing to pay.
Anyone know where the website to pay this ransom is? Or have a sample HTML file from one like this?
Many thanks!
(filename)[email protected]
I know this is a Russian virus, and I know that the BAA14811 part is the unique infection ID. However I've been unable to find the HTML files it generates upon completion. Perhaps the virus never completed its work. Anyway, the client's entire law firm is stored on this drive, all backups failed, so they are willing to pay.
Anyone know where the website to pay this ransom is? Or have a sample HTML file from one like this?
Many thanks!