Jump to content

Amigo-A

Visiting Expert
  • Posts

    2438
  • Joined

  • Last visited

  • Days Won

    61

Amigo-A last won the day on January 17

Amigo-A had the most liked content!

Reputation

197 Excellent

About Amigo-A

  • Birthday September 1

Contact Methods

  • Website URL
    https://id-ransomware.blogspot.com

Profile Information

  • Gender
    Male
  • Location
    Ransomware Advisory
  • Interests
    Research, collection, categorization, publication of information about Ransomware, and other malware. Cooperating support of 'ID Ransomware' (in English and Russian).

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. coval4uk If you attached a malicious file, then it was already deleted before I saw it. You can send files to me in another way.
  2. You need to attach an zip-archive in which to put a ransom note and several encrypted files + originals.
  3. Hello @ahmedmahmoud If you think that your files have been attacked, for example, encrypted or blocked, then you need to attach an zip-archive with files to the message. Place 2-3 encrypted (blocked) files and a ransom note in the zip-archive. Usually, when hackers encrypt or lock files, they leave a ransom note where they write their demands, indicate the amount of the ransom. We will try to determine which ransomware attacked your files.
  4. Hello. Decryption is possible only in rare cases. You need to read the guide for this issue, only the first part. https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  5. Hello. Decryption is possible only in rare cases. You need to read the guide for this issue, only the first part. https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. Hello. Decryption is possible only in rare cases. You need to read the guide for this issue, only the first part. https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  7. Hola. Esta es una de las variantes del 'STOP Ransomware'. Lea esta guía. Muchas opciones. Este distribuido utilizando software reenvasado y pirateado. Muy raramente se puede descifrar si alguien compró y entregó la clave a los desarrolladores del Emsisoft Descifrador. No hay otra manera.
  8. If the identifier ends with "t1", then decryption is technically possible in the future, when the Emsisoft Decryptor receives the key for this variant. Sometimes someone buys such a key and voluntarily gives it to the developers of the Emsisoft Decryptor. Then the key will be added to this decryptor. We cannot speed up this process. More info >> It is recommended that every 2 weeks or once a month you download the decryptor again and test the decryptability of the encrypted files. The encrypted files should be moved to an external drive and one folder with the files should be left to be checked. If some other ransomware gets onto your computer, it may re-encrypt the files. Then the chances of decryption will be even less.
  9. The extortionists behind him have been involved in extortion for almost 5,5 years. Until now, the police have not been ordered to neutralize them, so extortionists act arrogantly and with impunity. Maybe another decryption will come up in the future.
  10. Hello If the identifier ends with "t1", then decryption is technically possible in the future, when the Emsisoft Decryptor receives the key for this variant. Sometimes someone buys such a key and voluntarily gives it to the developers of the Emsisoft Decryptor. Then the key will be added to this decryptor. We cannot speed up this process. More info >> It is recommended that every 2 weeks or once a month you download the decryptor again and test the decryptability of the encrypted files. The encrypted files should be moved to an external drive and one folder with the files should be left to be checked. If some other ransomware gets onto your computer, it may re-encrypt the files. Then the chances of decryption will be even less.
  11. Hello If the identifier ends with "t1", then decryption is technically possible in the future, when the Emsisoft Decryptor receives the key for this variant. Sometimes someone buys such a key and voluntarily gives it to the developers of the Emsisoft Decryptor. Then the key will be added to this decryptor. We cannot speed up this process. More info >> It is recommended that every 2 weeks or once a month you download the decryptor again and test the decryptability of the encrypted files. The encrypted files should be moved to an external drive and one folder with the files should be left to be checked. If some other ransomware gets onto your computer, it may re-encrypt the files. Then the chances of decryption will be even less.
  12. Ola @CleitoDias Você precisa usar o Google Tradutor. https://translate.google.com Unfortunately, this is the result of a STOP Ransomware attack. The extortionists behind him have been involved in extortion for almost 5,5 years. Until now, the police have not been ordered to neutralize them, so extortionists act arrogantly and with impunity. The problem is serious and it is impossible to decrypt the files if an online key was used during encryption. You can read more in the article. You need use Google Translator. If your files received two different extensions after encryption, then you were attacked twice. In each case, a different key may be used. If the online key was used twice, then decrypting the files is even more problematic. You can check the ransom notes in each folder and compare the Personal ID.
  13. Hola Carlos! If say correct, then it is an .jhbg extension. At the beginning of the ID there are numbers 0460. Unfortunately, this is the result of a STOP Ransomware attack. The extortionists behind him have been involved in extortion for almost 5,5 years. Until now, the police have not been ordered to neutralize them, so extortionists act arrogantly and with impunity. The problem is serious and it is impossible to decrypt the files if an online key was used during encryption. You can read more in the article. You need use Google Translator.
×
×
  • Create New...