Stampado Ransomware Decrypter

Stampado Decrypter

If your computer has been infected by the Stampado Ransomware, below is a decryption tool that you can use to decrypt your data. If you are unsure about how to proceed give us a call at 319-227-7000 so we can schedule a time to take care of this for you.

Stampado Ransomware Decrypter (Emsisoft)
Stampado is a ransomware kit offered within various hacking communities. Written in AutoIt, it encrypts files using AES-256 encryption and renames them to *.locked. Known variants of this ransomware ask victims to contact paytodecrypt@sigaint.org, getfiles@tutanota.com, successl@qip.ru, clesline212@openmailbox.org or ransom64@sigaint.org to facilitate payment. In order for the decrypter to work you will require both the email you are asked to contact as well as your ID. Please keep in mind that both are case sensitive, so proper capitalization does matter. Please put both information into the appropriate fields in the options tab. Since version 1.17.0 each Stampado infection also has a unique “salt” that is specific to the ransomware buyer. The salt can either be specified manually or detected automatically. In order to determine the salt automatically the ransomware has to be running on the system. Fill in the ID and email address and click the “Detect …” button next to the salt input field. If the malware has already been removed, please don’t attempt to reinfect yourself. Instead submit the malware file via email to fw@emsisoft.com so I can extract the correct salt for you. You can also try the pre-configured salts that have been used by known Stampado campaigns in the wild so far.

Contact us Now 319-227-7000

2017-03-16T16:43:37+00:00February 2nd, 2017|Ransomware|0 Comments