Win32.DN

Member
  • Content Count

    2
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Win32.DN

  • Rank
    New Member
  1. Unfortunately, legit decryptor does not help the difficult part. The difficult thing is factoring the "PRIVATEKEY" which is different per users.
  2. My friend became the victim and I reversed uploaded "unlock.exe" yesterday. The 36 (0x24) bytes variant is actually based on Cry9. I already understand (i hope) how the unlocker decrypts the files. The problem is factoring the AES128 key (and 0x1000+ bytes additional table), which looks to be different per the victim. Maybe Fabian knows better about this part (or he is stuck at the same point). I will look more when I have more time but don't expect good news from me.