Jump to content


  • Posts

  • Joined

  • Last visited


0 Neutral
  1. Unfortunately, legit decryptor does not help the difficult part. The difficult thing is factoring the "PRIVATEKEY" which is different per users.
  2. My friend became the victim and I reversed uploaded "unlock.exe" yesterday. The 36 (0x24) bytes variant is actually based on Cry9. I already understand (i hope) how the unlocker decrypts the files. The problem is factoring the AES128 key (and 0x1000+ bytes additional table), which looks to be different per the victim. Maybe Fabian knows better about this part (or he is stuck at the same point). I will look more when I have more time but don't expect good news from me.
  • Create New...