If your files are encrypted with the .redmat extension appended to them, then you are dealing with a serious ransomware infection. .Redmat is in fact a variation of the infamous STOP ransomware family, which is known for its strong encryption algorithm.
If you are a victim of the .redmat files virus, you can follow our article to learn how to remove the threat from your system.
| Name | .redmat Files Virus |
| Short Description | Encrypts files on your computer and demands a ransom for their recovery. |
| Symptoms | Important files are locked and renamed with the .redmat extension. You see a ransom message that forces you to contact hackers for a decryption tool. |
| Distribution Method | Spam Emails, Email Attachments |
| Data Recovery Tool | Windows Data Recovery by Stellar Phoenix. Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only a few of them, depending on the situation and whether or not you have reformatted your drive. |
.Redmat Files Virus – Details about the Infection
The .redmat files virus appears to be another variant of the well-known STOP ransomware family, which has been infecting users for many months. The ransomware seeks to encrypt valuable personal files and demands a ransom for their supposed restoration.
A common practice in ransomware campaigns such as .redmat is the use of massive email spam campaigns. Emails carrying ransomware infections can usually be recognized by one of the following:
- A link to a compromised web page that is set to download and execute infection files directly on the system. The URL address to this page may come in the form of an in-text link, banner, image, button or full URL address.
- A malicious file attachment that is presented as a legitimate document in the text message. It could be uploaded in a .rar or .zip archive. Such a file is usually able to evade active security measures and trick you into running the ransomware without suspecting anything.
As soon as the payload file of the .redmat files virus is started on your system, the ransomware carries out a number of malicious modifications, including persistence and file encryption.
Once .redmat ransomware reaches the encryption phase, it activates a built-in cipher module which scans the system for certain types of files and encrypts them with the strong cipher algorithm Salsa20. Once the original code of the targeted files has been altered, the .redmat extension is appended to their names.
Recent ransomware viruses are known to target the following files:
- Audio files
- Video files
- Document files
- Image files
- Backup files
- Banking credentials, etc.
Once encryption is finished, the ransomware drops a ransom message (_readme.txt) and loads it on your screen. The message reads as follows:
Don’t worry my friend, you can return all your files!
All your files like photos, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that’s price for you is $490.
Please note that you’ll never restore your data without payment.
Check your e-mail “Spam” or “Junk” folder if you don’t get answer more than 6 hours.
NOTE. Paying the ransom sum to cybercriminals is not advisable. This action does not guarantee the recovery of your .redmat files and it further supports cybercrime.
Remove .Redmat Files Virus and Restore Data
The .redmat files virus is a ransomware with complex code that corrupts both system settings and valuable data. Needless to say, all malicious files and objects created by the ransomware should be removed from the system. For that purpose, you can refer to our removal steps below the article. You will also find alternative data recovery approaches that may be helpful in attempting to restore files encrypted by .redmat ransomware. It’s highly important to back up all encrypted files to an external drive before the recovery process.
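To plan that backup, the following added example (not part of the original article or any vendor tool) inventories a directory tree for files carrying the .redmat extension and for _readme.txt ransom notes, and totals the space the backup will need. The function names and the sample tree are assumptions constructed for illustration; only the extension and the note file name come from this article.

```python
import os
import tempfile
from pathlib import Path

ENCRYPTED_EXT = ".redmat"    # extension named in this article
RANSOM_NOTE = "_readme.txt"  # ransom note file name named in this article


def inventory(root):
    """Walk root and list .redmat files, ransom notes and total backup size."""
    encrypted, notes, total_bytes = [], [], 0
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            path = Path(dirpath) / name
            if name.lower() == RANSOM_NOTE:
                notes.append(path)
            elif name.lower().endswith(ENCRYPTED_EXT):
                # The extension is appended, so stripping it gives the original name.
                original = name[: -len(ENCRYPTED_EXT)]
                try:
                    size = path.stat().st_size
                except OSError:
                    size = 0  # unreadable entry: still list it
                encrypted.append((path, original, size))
                total_bytes += size
    return {"encrypted": encrypted, "notes": notes, "total_bytes": total_bytes}


def demo():
    """Build a constructed sample tree (hypothetical file names) and inventory it."""
    with tempfile.TemporaryDirectory() as tmp:
        docs = Path(tmp) / "Documents"
        docs.mkdir()
        (docs / "report.docx.redmat").write_bytes(b"\x00" * 120)  # constructed
        (docs / "photo.JPG.REDMAT").write_bytes(b"\x00" * 80)     # constructed
        (docs / "notes.txt").write_text("untouched")              # not encrypted
        (docs / "_readme.txt").write_text("constructed placeholder note")
        result = inventory(tmp)
        return (sorted(orig for _p, orig, _s in result["encrypted"]),
                len(result["notes"]), result["total_bytes"])


if __name__ == "__main__":
    originals, note_count, size = demo()
    print(f"{len(originals)} encrypted files, {note_count} ransom note(s), {size} bytes to back up")
    for name in originals:
        print("  original name:", name)
```

Run `inventory()` against a mounted copy of the affected drive rather than the live system, and compare `total_bytes` with the free space on the external drive before copying.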