ICrusaderI

Member
  • Content Count

    1
  • Joined

  • Last visited

Community Reputation

0 Neutral

About ICrusaderI

  • Rank
    New Member
  1. Hi there, i have the following Big problem : my friend got this ransowmare i believe a variant of YYto , the help file displays at startup to mail to [email protected], the files encrypted are m5m5 extensions. The server victim is Windows 2003. I need help to decript the files... i used wireshark with batch at the startup, isolated the server as much as i could and recorded the following pcap : <link removed>