Emsisoft Decryptor for SynAck
SynAck is a ransomware that was first spotted in 2017, and encrypts files using either ECIES and AES-256, or RSA-2048 and AES-256.
SynAck appends a random extension to each file, but can be identified by a special filemarker at the end of files that also denotes which version of the malware was used.
In order to decrypt your files, the decryptor will require a ransom note, which contains the encrypted key.
Below is an example ransom note "RESTORE_INFO-538E9B04.txt":
Syn----> Ack----> ================================================================================== Files are encrypted, algorithm used: ecies-secp192r1 & aes-ecb-256. To decrypt your files, please contact us using this e-mail address: [email protected] If for unknown reasons you did not receive any answer on e-mail, write to BitMessage (using site https://bitmsg.me/): BM-2cWsgWxq1X5M6qjDEBPvCdEbbPLn2zi43k Please do not perform any manipulations with encrypted files. If you want to try to restore your files manually, do backups first. And please do not remove files with text notes, because they contain important information required for file restoring. Please include the following text in your message: [redacted base64] ==================================================================================