Home Malware Programs Ransomware Estemani Ransomware

Estemani Ransomware

Posted: August 26, 2019

The Estemani Ransomware is a file-locker, which may be propagated online and disguised as various content types – a game-cheat, pirated software, game crack, important document, or even a harmless-looking ZIP archive. Regardless of the disguise used to spread the Estemani Ransomware, the consequences of its attack are always dire. This file-encryption Trojan is swift and merciless when it comes to encrypting the files of its victims – it targets a long list of file types, therefore ensuring that its victim's file system will suffer as much damage as possible.

After the Estemani Ransomware encrypts a file, it adds the '.estemani' extension to its name so that it should be fairly easy to distinguish encrypted and non-encrypted files. Another change that the threat brings is the creation of the 'HOW_DECRYPT_FILES.txt' ransom message, which provides the victim with additional details about the attack as well as with an offer for data decryption services.

The authors of the Estemani Ransomware are asking to be paid a 'fair' price in exchange for the decryptor they claim to possess. However, the attackers' idea of 'fair' is rather shocking – they want a minimum of 0.75 Bitcoin, which is around $7,500. They also warn their victims that the ransom amount may be increased if the ransomware has infected a business. They ask to be contacted via the email estemaniii@airmail.cc for further details.

We assure you that sending money to the Estemani Ransomware's authors is not a sensible solution – they will not hesitate to collect the money without helping you at all. Sadly, there are not many free data recovery options available – the only certain way to undo the damage completely it to restore the damaged files from a backup. If a backup copy of your files is not available, then we would suggest resorting to alternative data recovery solutions – do note that their success rate may vary greatly. Do not forget that you should only experiment with data recovery options after you have made sure to eliminate the Estemani Ransomware with the assistance of an anti-virus application.