ID Ransomware

Загрузите записку о выкупе и 1 зашифрованный файл для идентификации шифровальщика-вымогателя.

Знание - половина победы!
GI Joe

Загрузить файлы

Файл, отображающий информацию о выкупе и оплате.

Файл, который был зашифрован и не открывается.



Optionally, you may enter any email addresses or hyperlinks the ransomware gives you for contact (if there is no ransom note).

FAQ

  • Какие вымогатели идентифицируются?

    Наш сервис идентифицирует 1157 вымогателя(ей). Вот пополняемый список того, что уже определяется:

    $$$ Ransomware, 010001, 0kilobypt, 0mega, 0XXX, 16x, 24H Ransomware, 32aa, 3AM, 4rw5w, 54bb47h, 5ss5c, 777, 7ev3n, 7even Security, 7h9r, 7zipper, 8Base, 8lock8, AAC, ABCLocker, Abyss Locker, ACCDFISA v2.0, AdamLocker, Adhubllka, Admin Locker, AES_KEY_GEN_ASSIST, AES-Matrix, AES-NI, AES256-06, AESMew, Afrodita, AgeLocker, Akira, Ako / MedusaReborn, Al-Namrood, Al-Namrood 2.0, ALC, Alcatraz, Alfa, Allcry, Alma Locker, Alpha, AMBA, Amnesia, Amnesia2, Anatova, AnDROid, AngryDuck, Annabelle 2.1, AnteFrigus, Anubi, Anubis, AnubisCrypt, Apocalypse, Apocalypse (New Variant), ApocalypseVM, ApolloLocker, ARCrypter (Chile Locker), AresCrypt, Argus, Aris Locker, Armage, ArmaLocky, Arsium, ASN1 Encoder, AstraLocker, Ataware, Atchbo, Aurora, AutoLocky, AutoWannaCryV2, Avaddon, AVCrypt, Avest, AvosLocker, AWT, AxCrypter, aZaZeL, Azov Wiper, B2DR, Babaxed, Babuk, BabyDuck, BadBlock, BadEncript, BadRabbit, Bagli Wiper, Bam!, BananaCrypt, BandarChor, Banks1, BarakaTeam, Bart, Bart v2.0, Basilisque Locker, BasnEncrypter, BB Ransomware, Beast, BeijingCrypt, BetaSup, BianLian, BigBobRoss, BigLock, Bisamware, Bisquilla, BitCrypt, BitCrypt 2.0, BitCryptor, BitKangoroo, Bitpaymer / DoppelPaymer, BitPyLock, Bitshifter, BitStak, BKRansomware, Black Basta, Black Buy, Black Claw, Black Feather, Black Shades, BlackByte, BlackCat (ALPHV), BlackHeart, BlackHunt, BlackKingdom, BlackMatter, Blackout, BlackRuby, BlackSuit, Blind, Blind 2, Blocatto, BlockFile12, Blooper, Blue Blackmail, BlueSky, Bonsoir, BoooamCrypt, Booyah, BrainCrypt, Brazilian Ransomware, Brick, BrickR, BrightNight, BTCamant, BTCWare, BTCWare Aleta, BTCWare Gryphon, BTCWare Master, BTCWare PayDay, Bubble, Bucbi, Bud, Bug, BugWare, BuyUnlockCode, c0hen Locker, C3rb3r, Cactus, Cancer, Cassetto, CatB, Cerber, Cerber 2.0, Cerber 3.0, Cerber 4.0 / 5.0, CerberImposter, CerberTear, Chaos, CheckMail7, Checkmate, Cheers, Chekyshka, ChernoLocker, ChiChi, Chimera, ChinaJm, ChinaYunLong, ChineseRarypt, CHIP, Cicada3301, CiphBit, ClicoCrypter, Clop, Clouded, CmdRansomware, CNHelp, CobraLocker, CockBlocker, Coin Locker, CoinVault, Combo13 Wiper, Comet, Comrade Circle, Conficker, Consciousness, Conti, CoronaVirus, CorruptCrypt, Cossy, Coverton, Cr1ptT0r Ransomware, CradleCore, CreamPie, Creeper, Crimson, Cripton, Cripton7zp, Cry128, Cry36, Cry9, Cryakl, CryCryptor, CryFile, CryLocker, CrypMic, Crypren, Crypt0, Crypt0L0cker, Crypt0r, Crypt12, Crypt32, Crypt38, Crypt3r / Ghost / Cring, CryptConsole, CryptConsole3, CryptFuck, CryptGh0st, CryptInfinite, CryptoApp, CryptoDarkRubix, CryptoDefense, CryptoDevil, CryptoFinancial, CryptoFortress, CryptoGod, CryptoHasYou, CryptoHitman, CryptoJacky, CryptoJoker, CryptoLocker3, CryptoLockerEU, CryptoLocky, CryptoLuck, CryptoMix, CryptoMix Revenge, CryptoMix Wallet, CryptON, Crypton, CryptoPatronum, CryptoPokemon, CryptorBit, CryptoRoger, CryptoShield, CryptoShocker, CryptoTorLocker, CryptoViki, CryptoWall 2.0, CryptoWall 3.0, CryptoWall 4.0, CryptoWire, CryptXXX, CryptXXX 2.0, CryptXXX 3.0, CryptXXX 4.0, CryPy, CrySiS, Crystal, CSP Ransomware, CTB-Faker, CTB-Locker, Cuba, CXK-NMSL, CyberVolk, Cyborg, Cyrat, D00mEd, Dablio, Damage, DarkBit, DarkoderCryptor, DarkPower, DarkRadiation, DarkSide, DataF Locker, DataFrequency, DataKeeper, DavesSmith / Balaclava, Dcrtr, DCry, DCry 2.0, Deadbolt, Deadly, DearCry, DeathHiddenTear, DeathHiddenTear v2, DeathNote, DeathOfShadow, DeathRansom, DEcovid19, Decr1pt, DecryptIomega, DecYourData, DEDCryptor, Defender, Defray, Defray777 / RansomEXX, Delta, DeriaLock, DeroHE, Desync, Dharma (.cezar Family), Dharma (.dharma Family), Dharma (.onion Family), Dharma (.wallet Family), Diavol, Digisom, DilmaLocker, DirtyDecrypt, Dishwasher, District, DMA Locker, DMA Locker 3.0, DMA Locker 4.0, DMALocker Imposter, DoggeWiper, Domino, Done, DoNex, DoNotChange, Donut, DoubleLocker, DragonForce, DriedSister, DryCry, DST Ransomware, DualShot, Dviide, DVPN, DXXD, DynA-Crypt, eBayWall, eCh0raix / QNAPCrypt, ECLR Ransomware, EdgeLocker, EduCrypt, EggLocker, Egregor, El Dorado, El Polocker, Elysium, Embargo, Enc1, Encrp, EnCrypt, EncryptedBatch, EncrypTile, EncryptoJJS, Encryptor RaaS, Enigma, Enjey Crypter, EnkripsiPC, Enmity, Entropy, EOEO, Epsilon, EpsilonRed, Erebus, Erica Ransomware, Eris, Estemani, ESXiArgs, Eternal, Everbe, Everbe 2.0, Everbe 3.0, Evil, Executioner, ExecutionerPlus, Exerwa CTF, Exocrypt XTC, Exorcist Ransomware, Exotic, Extortion Scam, Extractor, EyeCry, Fabiansomware, Fadesoft, Fake DarkSide, Fake WordPress Crypter, Fantom, FartPlz, FCPRansomware, FCrypt, FCT, FenixLocker, FenixLocker 2.0, Fenrir, FilesLocker, FindNoteFile, FindZip, FireCrypt, Flamingo, Flatcher3, FLKR, FlowEncrypt, Flyper, Fog, FonixCrypter, Frag, FREEer, FreeMe, FrozrLock, FRSRansomware, FS0ciety, FTCode, FuckSociety, FunFact, FuxSocy Encryptor, FXS, G.R.I.D., Galacti-Crypter, GandCrab, GandCrab v4.0 / v5.0, GandCrab2, GarrantyDecrypt, GC47, Geneve, Gerber, GermanWiper, GetCrypt, GhostCrypt, GhostHammer, Gibberish, Gibon, Gladius, Globe, Globe (Broken), Globe3, GlobeImposter, GlobeImposter 2.0, GoCryptoLocker, Godra, GOG, GoGoogle, GoGoogle 2.0, Golden Axe, GoldenEye, Gomasom, Good, Gopher, GoRansom, Gorgon, Gotcha, GPAA, GPCode, GPGQwerty, GusCrypter, GX40, H0lyGh0st, Hades, HadesLocker, Hakbit, Halloware, Hansom, HappyDayzz, HardBit, hc6, hc7, HDDCryptor, HDMR, HE-HELP, Heimdall, Hello (WickrMe), HelloKitty, HelloXD, HellsRansomware, Help50, HelpDCFile, Herbst, Hermes, Hermes 2.0, Hermes 2.1, Hermes837, HermeticWiper, Heropoint, Hi Buddy!, HiddenTear, HildaCrypt, Hive, HKCrypt, HollyCrypt, HolyCrypt, HowAreYou, HPE iLO Ransomware, HR, HsHarada / Rapture, Hucky, Hunters International, Hydra, HydraCrypt, IceFire, IEncrypt, IFN643, ILElection2020, Ims00ry, ImSorry, INC Ransom, Incanto, InducVirus, Industrial Spy, Infection Monkey, InfiniteTear, InfinityLock, InfoDot, InsaneCrypt, Interlock, IQ, iRansom, Iron, Ironcat, Ishtar, Israbye, iTunesDecrypt, JabaCrypter, Jack.Pot, Jaff, Jager, JapanLocker, Jasmin, JavaLocker, JeepersCrypt, Jemd, Jigsaw, JNEC.a, JobCrypter, JoeGo Ransomware, JoJoCrypter, Jormungand, JosepCrypt, JSWorm, JSWorm 2.0, JSWorm 4.0, JuicyLemon, JungleSec, Kaenlupuf, Kali, Karakurt, Karma, Karma Cypher, Karmen, Karo, Kasiski, Katyusha, KawaiiLocker, KCW, Kee Ransomware, KeRanger, Kerkoporta, Kesafat Locker, KesLan, KeyBTC, Keygroup777, KEYHolder, Khonsari, KillerLocker, KillRabbit, KimcilWare, Kirk, Knight, Knot, KokoKrypt, Kolobo, Kostya, Kozy.Jozy, Kraken, Kraken Cryptor, KratosCrypt, Krider, Kriptovor, KryptoLocker, Kupidon, L33TAF Locker, Ladon, Lalabitch, Lambda Ransomware, LambdaLocker, LeakThemAll, LeChiffre, LegionLocker, LightningCrypt, Lilith, Lilocked, Lime, Litra, LittleFinger, LLTP, LMAOxUS, Lock2017, Lock2Bits, Lock93, LockBit, LockBit 3.0, LockBox, LockCrypt, LockCrypt 2.0, LockDown, Locked-In, LockedByte, LockeR, LockerGoga, LockFile, Lockit, LockLock, LockMe, Lockout, LockTaiwan, LockXXX, Locky, Loki, Loki Locker, Lola, LolKek, LongTermMemoryLoss, LonleyCrypt, LooCipher, Lortok, Lost_Files, LoveServer, LowLevel04, LuciferCrypt, Luckbit, Lucky, Lynx, MacawLocker, MadBit, MAFIA, MafiaWare, MafiaWare666, Magic, Magniber, Major, Makop, Maktub Locker, MalasLocker, MalwareTech's CTF, MaMoCrypter, Maoloa, Mapo, Marduk, Marlboro, MarraCrypt, Mars, MarsJoke, Matrix, Maui, MauriGo, MaxiCrypt, Maykolin, Maysomware, Maze, MCrypt2018, Medusa, MedusaLocker, MedusaStealer, MegaCortex, MegaLocker, MeowCorp, Mespinoza, MetaEncrypter, Meteoritan, Mew767, Mikoyan, MindSystem, Minotaur, Mionoho, MirCop, MireWare, Mischa, MMM, MNS CryptoLocker, Mobef, MoneyBird, MoneyMessage, MongoLock, Monster, Montserrat, MoonCrypter, MorrisBatchCrypt, Moses Staff, MOTD, MountLocker, MoWare, MRAC, MRCR1, MrDec, Muhstik, Mystic, n1n1n1, N3TW0RM, N3ww4v3/Mimic, NanoLocker, NAS Data Compromiser, NCrypt, Nefilim, NegozI, Nemty, Nemty 2.x, Nemty Special Edition, Nemucod, Nemucod-7z, Nemucod-AES, NETCrypton, Netix, Netwalker (Mailto), Nevada, NewHT, NextCry, Nhtnwcuf, NightSky, Nitro, NM4, NMoreira, NMoreira 2.0, NO-NAME Hacking Group, Noblis, NoEscape, NoHope, NOKOYAWA, Nomikon, NonRansomware, NotAHero, NoWay, Nozelesn, NSB Ransomware, Nuke, NullByte, NxRansomware, Nyton, ODCODC, OhNo!, OmniSphere, ONYX, OnyxLocker, OoPS, OopsLocker, OpenToYou, OpJerusalem, Ordinypt, Osno, Ouroboros v6, OutCrypt, OzozaLocker, PadCrypt, Pandora, Panther, Paradise, Paradise .NET, Paradise B29, Parasite, Pay2Key, Paymen45, PayOrGrief, PayPalGenerator2019, PaySafeGen, PClock, PClock (Updated), PEC 2017, Pendor, Petna, PewCrypt, PewPew, PGPSnippet, PhantomChina, Philadelphia, Phobos, PhoneNumber, Pickles, PL Ransomware, Plague17, Planetary Ransomware, Play, PoisonFang, Pojie, Polaris, PonyFinal, PopCornTime, Potato, Povlsomware, PowerLocky, PowerShell Locker, PowerWare, PPDDDP, Pr0tector, Predator, PrincessLocker, PrincessLocker 2.0, PrincessLocker Evolution, Project23, Project34, Project57, ProLock, Prometheus, Protected Ransomware, Proton / Shinra, PSAUX, PshCrypt, PSRansom, PUBG Ransomware, PureLocker, PwndLocker, PyCL, PyCL, PyL33T, PyLocky, Qilin / Agenda, qkG, Qlocker, QP Ransomware, QuakeWay, Quimera Crypter, QwertyCrypt, Qweuirtksd, R980, RAA-SEP, RabbitFox, RabbitWare, RackCrypt, Radamant, Radamant v2.1, Radar, Radiation, RagnarLocker, RagnarLocker 2.0+, Ragnarok, RamblerBot, Random6, RandomLocker, RandomRansom, RanHassan, Ranion, RanRan, RanRans, Rans0mLocked, RansomCuck, RansomHub, Ransomnix, RansomNow, RansomPlus, Ransomwared, RansomWarrior, Rapid, Rapid 2.0 / 3.0, RapidRunDll, RaRansomware, RarVault, Razy, RCRU64, RedAlert, RedBoot, Redeemer, RedEye, RedRock, RedRum / Tycoon 1.0, RegretLocker, REKTLocker, Rektware, Relock, RemindMe, RenLocker, RensenWare, RetMyData, REvil / Sodinokibi, Reyptson, Rhino, Rhysida, Risen, RNS, RobbinHood, Roga, Rokku, Rontok, Rook, Rorschach / BabLock, RoshaLock, RotorCrypt, Royal, Roza, RSA-NI, RSA2048Pro, RSAUtil, Ruby, RunExeMemory, RunSomeAware, Russenger, Russian EDA2, Ryuk, SAD, SadComputer, Sadogo, SADStory, SafePay, Sage 2.0, Salsa, SamSam, Sanction, Sanctions, SantaCrypt, Satan, Satana, SatanCryptor, Saturn, SaveTheQueen, Scarab, ScareCrow, SD 1.1, Secles, Sekhmet, Seon, Sepsis, SerbRansom, Serpent, SEXi / APT INC, SFile, ShellLocker, Shifr, Shigo, ShinigamiLocker, ShinoLocker, ShivaGood, ShkolotaCrypt, ShrinkLocker, ShrinkLocker, Shrug, Shrug2, Shujin, Shutdown57, SifreCozucu, Sifreli, Sigma, Sigrun, SilentDeath, SilentSpring, Silvertor, Simple_Encoder, SintaLocker, Skull Ransomware, SkyFile, SkyStars, Smaug, Smrss32, Snake (Ekans), SnakeLocker, SnapDragon, Snatch, SNSLocker, SoFucked, SOLEENYA, SolidBit, Solider, Solo Ransomware, Solve, Somik1, SophosEncrypt, Spartacus, SpartCrypt, Spectre, Spider, SplinterJoke, Spora, Sport, SQ_, Stampado, Stinger, STOP (Djvu), STOP / KEYPASS, StorageCrypter, Storm, Striked, Stroman, Stupid Ransomware, Styx, Such_Crypt, Sugar / Encoded01, SunCrypt, SuperB, SuperCrypt, Surprise, Surtr, SynAck, SyncCrypt, Syrk, SYSDOWN, SystemCrypter, SZFLocker, Szymekk, T1Happy, TapPiF, TargetCompany, TaRRaK, Team XRat, Telecrypt, TellYouThePass, Termite, TeslaCrypt 0.x, TeslaCrypt 2.x, TeslaCrypt 3.0, TeslaCrypt 4.0, Teslarvng, TeslaWare, TFlower, Thanatos, Thanos, The DMR, TheDarkEncryptor, THIEFQuest, THT Ransomware, ThunderCrypt / Lorenz, ThunderX / Ranzy, tk, Tongda, Torchwood, TotalWipeOut, TowerWeb, ToxCrypt, Trigona, Tripoli, Trojan.Encoder.6491, Troldesh / Shade, Tron, TrueCrypter, TrumpLocker, TurkStatik, Tycoon 2.0 / 3.0, U-Bomb, UCCU, UIWIX, Ukash, UmbreCrypt, UnblockUPC, Ungluk, Unit09, Unknown Crypted, Unknown Lock, Unknown XTBL, Unlock26, Unlock92, Unlock92 2.0, Unlock92 Zipper, UnluckyWare, Useless Disk, UselessFiles, UserFilesLocker, USR0, Uyari, V8Locker, Vaggen, Vapor v1, Vash-Sorena, VaultCrypt, vCrypt, VCrypt, Vega / Jamper / Buran, Velso, Vendetta, VenisRansomware, Venus, VenusLocker, VHD Ransomware, ViACrypt, VindowsLocker, VisionCrypt, VMola, Vohuk, VoidCrypt, Vortex, Vovalex, Vurten, VxLock, Waffle, Waiting, Waldo, WannaCash, WannaCash 2.0, WannaCry, WannaCry.NET, WannaCryFake, WannaCryOnClick, WannaDie, WannaPeace, WannaRen, WannaScream, WannaSmile, WannaSpam, WastedBit, WastedLocker, Wesker, WhatAFuck, WhisperGate, WhiteBlackCrypt, WhiteRabbit, WhiteRose, WHM Ransomware, WildFire Locker, WininiCrypt, Winnix Cryptor, WinRarer, WinTenZZ, WonderCrypter, WoodRat, Wooly, Wulfric, X Locker 5.0, XCry, XCrypt, XData, XerXes, XiaoBa, XiaoBa 2.0, XMRLocker, Xorist, Xort, XRTN, XTP Locker 5.0, XYZWare, Yanluowang, Yatron, Yogynicof, YouAreFucked, YourRansom, Yyto, Z3, ZariqaCrypt, zCrypt, Zekwacrypt, Zenis, Zeon, Zeoticus, Zeoticus 2.0, Zeppelin, ZeroCrypt, ZeroFucks, Zeronine, Zeropadypt, Zeropadypt NextGen / Ouroboros, ZeroRansom, Zhen, Ziggy, Zilla, ZimbraCryptor, ZinoCrypt, ZipLocker, Zipper, Zoldon, Zorab, ZQ, Zyklon
  • Можно расшифровать мои данные?

    Нет. Данный сервис только для определения вымогателя, зашифровавшего файлы. Мы хотим указать правильное направление, чтобы вы знали, есть ли способ расшифровки файлов. Способа восстановления может и не быть, т.к. каждый случай индивидуален.

  • Это конфиденциально?

    Все загружаемые файлы сразу анализируются по базе данных. Если есть результат, они немедленно удаляются. Если нет результата, то файлы передаются доверенным аналитикам, чтобы помочь с будущим детектом и идентификацией нового вымогателя.

    Данные передаются на сервер через SSL, т.е. третья сторона не перехватит соединение.

    Поэтому, я не гарантирую файлам 100% конфиденциальности. Данные временно хранятся на общем хостинге, и я не отвечаю за то, что может быть с ними сделано.

    Email и BitCoin-адреса из загруженных в ID Ransomware файлов, могут предоставляются доверенным аналитикам или органам правопорядка. Никакие личные данные не сохраняются.

  • Почему у меня разные результаты?

    Многие вымогатели имеют схожие "признаки", например, может совпасть присваемое расширение. Это затрудняет идентификацию и иногда не дает 100% точности. Результаты отсортированы попарно, чтобы точнее определить вымогателей.

  • Можно ли загрузить образец вредоноса или подозрительный файл?

    Нет. Этот сервис только для загрузки записки о выкупе и зашифрованных файлов для определения вымогателя. Для анализа файлов отправьте их на VirusTotal или HybridAnalysis.