Jump to content

VBGeek2000

Member
  • Content Count

    6
  • Joined

  • Last visited

Community Reputation

0 Neutral

About VBGeek2000

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Good morning Fabian. The new version seems to be working great for decrypting the text-based files in addition to the other files. Thanks so much for your patience and help getting these last few files decrypted!
  2. Hi Pavan, Use this link to identify the type. https://id-ransomware.malwarehunterteam.com You probably need the Amnesia2 decrypter. Good luck!
  3. Hi Fabian, I'm thinking most of the SQL files should contain either /* or -- in the first 16 bytes. Good chance SELECT would be in there too if that helps you any. The C# files I've seen start with using, namespace, or //. Thanks!
  4. Thank you for the information, Fabian. Do you have any pointers how we can decrypt those? Is there any source code we could use to do the brute force and look for specific keywords in the decrypted text? i.e. SELECT, INSERT, or UPDATE for SQL files and a few keywords for the cs files? Unfortunately our "good stuff" is mostly in text-based files. Thanks again for your response!
  5. It seems like the images and PDFs decrypt ok, but my SQL and C# code files are not being decrypted. I am restoring most from backups, but just trying to get those changes I made in the past few days captured as well if possible. I was originally thinking the small file size was the reason why they were not decrypting, but I successfully decrypted a few 1 and 2KB image files without any issues. AAA - What is eating up SQL.sql.frogo
  6. Hi all, My computer was hit with a ransomware that was identified by id-ransomware as Amnesia2 but neither decrypter is working 100%. The Amnesia decrypter did not find a decryption key (tried it just in case). The Amnesia 2 decrypter works occasionally, but not for the files I am trying to decrypt and restore - of course! I figured I would check and see if anyone else has run into this variant and can point me in the right direction. The file extension for the encrypted is .frogo Here is the ransom note: ===========================================
×
×
  • Create New...