Do we have any information about %subj%? My colleague brought me an encrypted computer (by openeing infected email attachement). All MS office files are encrypted, the new file extension .evillock is added. The attacker is asking 0,3 BTC, otherwise the files will be deleted within three days. The email address goes to Kazakhstan.
File header of all encrypted files: AES CREATED_BY aescrypt 3.10
Thank you.
It is just one of the many ransomware malwares that are around.
Whatever you do, do NOT pay.
https://www.nomoreransom.org/
https://id-ransomware.malwarehunterteam.com/