We’re here to fix that.
Download one of EmsiSoft free decrypter tools to recover your files without paying the ransom
All your documents, photos, databases and other important personal files were encrypted
using a combination of strong RSA-2048 and AES-128 algorithms.
The only way to restore your files is to buy decryptor. Please, follow these steps:
Create your Bitcoin wallet here:
Buy 0.13066 bitcoins here:
Send 0.13066 bitcoins to this address:
Open one of the following links in your browser:
Download and run decryptor to restore your files.
You can find this instruction in “DECRYPT” file on your desktop.
To decrypt your files, please run the decrypter on the encrypted system. The decrypter requires various files from your %TEMP% directory of the user that spawned the infection. Therefore it is important not to reformat the system or run any cleanup tools before attempting the decryption.
[May, 30, 2017] – Version: 126.96.36.199
Due to a bug in the malware’s code, the malware will truncate up to the last 7 bytes from files it encrypts. It is, unfortunately, impossible for the decrypter to reconstruct these bytes.
[Jan, 4, 2017] – Version: 188.8.131.52
[Dec, 23, 2016] – Version: 184.108.40.206
Since version 1.17.0 each Stampado infection also has a unique “salt” that is specific to the ransomware buyer. The salt can either be specified manually or detected automatically. In order to determine the salt automatically the ransomware has to be running on the system. Fill in the ID and email address and click the “Detect …” button next to the salt input field.
If the malware has already been removed, please don’t attempt to reinfect yourself. Instead submit the malware file via email to [email protected] so I can extract the correct salt for you. You can also try the pre-configured salts that have been used by known Stampado campaigns in the wild so far.