Hi. Some help would be much appreciated. I have mounted the .vhdx file on a Windows 10 PC. I have some untouched original data and the corresponding infected file. It seems to be a Nemesis malware or derivative. File extensions are :
Infected file : Copy files 2008.bat.id_2824135525_[
[email protected]].nemesis
Uninfected file : Copy files 2008.bat
I have tried several of the CryptON decrypters to no avail.
Is there a decrypter available that can handle these file ? The Cry128 EXE ran to completion but didn't crack it.
Here's some text it left behind.
***
