Emsisoft Decryptor for Marlboro
The Marlboro ransomware was first seen on January 11th, 2017. It is written in C++ and uses a simple XOR-based encryption algorithm. Encrypted files are renamed to ".oops". The ransom note is stored inside a file named "_HELP_Recover_Files_.html" and includes no further point of contact.
Due to a bug in the malware's code, the malware will truncate up to the last 7 bytes from files it encrypts. It is, unfortunately, impossible for the decrypter to reconstruct these bytes.
To use the decrypter, you will require an encrypted file of at least 640 bytes in size as well as its unencrypted version. To start the decrypter select both the encrypted and unencrypted file and drag and drop them onto the decrypter executable.