Emsisoft Decrypter for MRCR 1.0.0.61
|
Author:
Emsisoft
Date: 02/21/2017 Size: 1.02 MB License: Freeware Requires: Win 10 / 8 / 7 / Vista / XP Downloads: 5860 times 
TIP:
Click Here to Repair orRestore Missing Windows Files |
 Download@Authors Site Download@MajorGeeks Download@MajorGeeks
|
MajorGeeks: Setting the standard for editor-tested, trusted, and secure downloads since 2001. |
Join the MajorGeeks Mailing List to get the latest updates and exclusive offers!
Emsisoft Decrypter for MRCR decrypts the Merry X-Mas strain of ransomware that surfaced in December 2016.
The Merry X-Mas ransomware is known to be distributed via SPAM emails that appear to be from the FTC, for instance, notifying you to an alleged violation of the Consumer Credit Protection Act and leads the recipient to click on a link that supposedly goes to the agency. It does not. It directs you to a domain for the malware developer called govapego dot com. Once the link is clicked, it will promptly download a zip file containing complaint.pdf.exe or COMPLAINT.pdf depending on whether or not Windows extensions are disabled. If this is clicked on the installer will covertly wait for some time before starting to encrypt your files.
This particular strain is written in Delphi and utilizes custom encryption algorithms that will have either ".PEGS1," ".MRCR1," ".RARE1," ".MERRY", or ".RMCM1" as an extension. The ransom note asks victims to contact either "comodosec@yandex.ru" or "comodosecurity" via the secure mobile messenger Telegram and will be named "YOUR_FILES_ARE_DEAD.HTA" or "MERRY_I_LOVE_YOU_BRUCE.HTA."
To begin decrypting your files you'll need a file pair that consists of an encrypted file and the non-encrypted version of the same file, they need to be between 64 KB and 100 MB in size. As with other Emsisoft Decrypters, you will select both then drag n' drop them onto the executable to initiate decryption.
The Merry X-Mas ransomware is known to be distributed via SPAM emails that appear to be from the FTC, for instance, notifying you to an alleged violation of the Consumer Credit Protection Act and leads the recipient to click on a link that supposedly goes to the agency. It does not. It directs you to a domain for the malware developer called govapego dot com. Once the link is clicked, it will promptly download a zip file containing complaint.pdf.exe or COMPLAINT.pdf depending on whether or not Windows extensions are disabled. If this is clicked on the installer will covertly wait for some time before starting to encrypt your files.
This particular strain is written in Delphi and utilizes custom encryption algorithms that will have either ".PEGS1," ".MRCR1," ".RARE1," ".MERRY", or ".RMCM1" as an extension. The ransom note asks victims to contact either "comodosec@yandex.ru" or "comodosecurity" via the secure mobile messenger Telegram and will be named "YOUR_FILES_ARE_DEAD.HTA" or "MERRY_I_LOVE_YOU_BRUCE.HTA."
To begin decrypting your files you'll need a file pair that consists of an encrypted file and the non-encrypted version of the same file, they need to be between 64 KB and 100 MB in size. As with other Emsisoft Decrypters, you will select both then drag n' drop them onto the executable to initiate decryption.
Screenshot for Emsisoft Decrypter for MRCR
Top Downloads In Ransomware Removal
Bitdefender Anti-Ransomware 1.0.12.151 [ 2017-04-24 10:12:30 | 4.55 MB | Freeware | 11 | 5 ] Malwarebytes Anti-Ransomware 0.9.20 Beta 11 [ 2022-04-15 05:46:32 | 2 MB | Freeware | 11|10|8|7 | 5 ] Avast Ransomware Decryption Tools 1.0.0.769 [ 2025-04-12 08:49:50 | 113 MB | Freeware | 11|10|8|7 | 5 ] STOPDecrypter 2.1.0.18 [ 2019-07-21 06:14:47 | 2.35 MB | Freeware | Win 10 / 8 / 7 / Vista / XP | 5 ] Emsisoft Decryptor Tools [ 2022-07-05 15:01:42 | 99 MB | Freeware | 11|10|8|7 | 5 ] Tactical Briefings
Comment Rules & Etiquette - We welcome all comments from our readers, but any comment section requires some moderation. Some posts are auto-moderated to reduce spam, including links and swear words. When you make a post, and it does not appear, it went into moderation. We are emailed when posts are marked as spam and respond ASAP. Some posts might be deleted to reduce clutter. Examples include religion, politics, and comments about listing errors (after we fix the problem and upvote your comment). Finally, be nice. Thank you for choosing MajorGeeks.
© 2000-2025 MajorGeeks.com
Powered by Contentteller® Business Edition