Paradise Ransomware decryption tool

Paradise Ransomware decryption tool
Paradise Ransomware decryption tool
Written by Brendan Smith
Note!

You need to delete the malware from your PC first of all, otherwise, it will lock your device or cipher your data several times. In case your current anti-virus tool does not delete this malware, it can be deleted with the help of GridinSoft Anti-Malware.

In case your system was infected by means of the Windows Remote Desktop function, we also strongly advise that you change all the passwords of all available users that are permitted to log in on a remote basis and inspect the local user accounts for the availability of other extra accounts that the online frauds could possibly generate.

Note: This tool does not require an active internet connection.

Bitdefender Lab announced a decryption tool for Paradise Ransomware.

About Paradise Ransomware

Paradise Ransomware, initially discovered in 2017. It has been marketed as a affiliates service (ransomware as a service – Ransomware-as-a-Service).

This ransomware encrypts user data using RSA-1024, and then requires a ransom in #BTC to return the files. After infection, Paradise virus checks the keyboard language for Russian, Kazakh, Belarus or Ukrainian language and, if so, exits without encrypting. Otherwise, it encrypts files and deletes shadow copies to prevent the user from restoring them.

After encryption, it displays a ransom message:

All your files was encrypted!
Paradise R Team!
Ur unique ID
XXXXXX
Your personal KEY
XXXXX

NOTE!
All your important data that was stored on this computer have been locked due a security problem.
To back them, write to us by е-mail,.
You have to pay in Bitcoins.
After payment we will send you the special software for decrypt that will back all your files.
DO YOU NEED A PROOF?
Before payment you can send us 1-3 files , and we back you restored files for free.
File size should not exceed 1MB.
Please note that files must NOT contain valuable information.
HOW TO PAY
We accept payments in bitcoins, but you do not need to be able to use bitcoins.
You do not need a bitcoin purse.
I will explain how you can pay using ANY currency in any way convenient to you.
Communication
Email: blackblackra@tuta.io
or
Email: blackblackra@tuta.io
Warning!

Do not rename files
Do not try to back your data using not our software, it may cause permanent data loss(If you do not believe us, and still try to - make copies of all files so that we can help you if third-party software harms them)
As evidence, we can for free back one file
Decoders of other users is not suitable to back your files - encryption key is created on your computer when the program is launched - it is unique.

Paradise note

The new Paradise decryptor can restore the following file extensions:

  • .FC
  • .2ksys19
  • .p3rf0rm4
  • .Recognizer
  • .VACv2
  • .paradise
  • .CORP
  • .immortal
  • .exploit
  • .prt
  • .STUB
  • .sev
  • .sambo

Download the decryption tool below and save it on your computer.

Example of use decryption tool

BDParadiseDecryptor.exe start -path:"C:\" -> the tool will start with no GUI and scan C:\
BDParadiseDecryptor.exe start o0:1 -> the tool will start with no GUI and scan the entire system
BDParadiseDecryptor.exe start o0:1 o1:1 o2:1 -> the tool will scan the entire system, backup encrypted files and overwrite present clean files
Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Brendan Smith

I'm Brendan Smith, a passionate journalist, researcher, and web content developer. With a keen interest in computer technology and security, I specialize in delivering high-quality content that educates and empowers readers in navigating the digital landscape.

With a focus on computer technology and security, I am committed to sharing my knowledge and insights to help individuals and organizations protect themselves in the digital age. My expertise in cybersecurity principles, data privacy, and best practices allows me to provide practical tips and advice that readers can implement to enhance their online security.

Leave a Reply

Sending