Ransomware Identification & Recovery

Analyze ransom notes and encrypted files to identify the ransomware variant and get professional recovery recommendations from security experts.

Upload Sample View Variants

How It Works

Our professional ransomware identification process in three simple steps

Upload Sample

Upload a ransom note or encrypted file sample from the affected system.

Automated Analysis

Our system analyzes the sample to identify the ransomware variant and characteristics.

Recovery Recommendations

Receive specific recovery options and professional recommendations.

Upload Your Sample

Upload a ransom note (.txt file) or any encrypted file for analysis. Our system will identify the ransomware variant and provide specific recovery recommendations.

What should I upload?
  • Ransom note text files (often named READ_ME.txt or similar)
  • Encrypted files with unusual extensions
  • Screenshots of ransom messages
Important

All uploaded files are analyzed locally and securely. We do not store your files.

File Analysis

Upload ransom notes or encrypted files

Drag and drop files here or click to browse

Common Ransomware Variants

WannaCry
High Risk

A ransomware worm that spread rapidly through computer networks in May 2017 using the EternalBlue exploit.

Learn More
Akira
High Risk

A sophisticated ransomware targeting corporations with a focus on Windows systems and VMware ESXi servers.

Learn More
Phobos
Medium Risk

A ransomware distributed as a Ransomware as a Service (RaaS) that primarily targets small to mid-sized businesses.

Learn More

100% Free Service

Our tool is completely free to use!