Payt Ransomware Lists No Specific Ransom Demand
Payt ransomware is the name of a new strain of file-encrypting malware. This new variant does not seem to belong to any particular ransomware family.
Once deployed on a target system, Payt encrypts files on it, scrambling almost every media, document, archive and database extension and file type. Once encrypted, files receive a multi-part new extension that consists of the victim's ID string, the contact email of the ransomware operator, and the ".Payt" string.
This will make a file formerly called "image.jpg" transform into "image.jpg.[victim ID](wesleypeyt@tutanota.com).Payt" upon encryption.
The ransom note is deposited inside a plain text file with the name "ReadthisforDecode.txt". The full contents of the ransom note are as follows:
Your Files Are Has Been Locked
Your Files Has Been Encrypted with cryptography Algorithm
If You Need Your Files And They are Important to You, Dont be shy Send Me an Email
Send Test File + The Key File on Your System (File Exist in C:/ProgramData example : RSAKEY-SE-24r6t523 pr RSAKEY.KEY) to Make Sure Your Files Can be Restored
Get Decryption Tool + RSA Key AND Instruction For Decryption Process
Attention:
1- Do Not Rename or Modify The Files (You May loose That file)
2- Do Not Try To Use 3rd Party Apps or Recovery Tools ( if You want to do that make an copy from Files and try on them and Waste Your time )
3-Do not Reinstall Operation System(Windows) You may loose the key File and Loose Your Files
Your Case ID :-
OUR Email
:wesleypeyt at tutanota dot com
in Case of no answer: wesleypeyt at gmail dot com