Scarab ransomware is designed to demand a Bitcoin payment from its victims after encrypting files on their systems. Instead of being distributed via Necurs malspam, Scarabey is distributed via RDP/manual dropping on servers and systems. The ransom note is written in English, however, it reads as if you translated word-for-word a Russian text into English, without knowing proper English grammar or syntax. The authors of Scarab are likely Russian speakers who had written the note in their native language and run it through a translator to be added into the Scarab code.”]
Source: https://blog.malwarebytes.com/threat-analysis/2018/01/scarab-ransomware-new-variant-changes-tactics/