Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About unkaleong

  • Rank
    New Member
  1. Thanks GT500. A security firm is coming into my organisation is coming in to help tomorrow. I will share their findings with the community here.
  2. I've managed to login to the infected server via safe mode and found the malicious file. I've run the file through the link you have sent me earlier. Please find the results below:- https://www.virustotal.com/#/file/e8fedb6e700d3676a7d38abfef791720cd4da13034a2c276783e76a91f5c356e/detection
  3. Thanks. I've been in contact with cert.pl, they requested a copy of the encrypted file and ransom note which I duly provided. They have just got back to me and they are saying it's RSA2048Pro ransomware. I've run FRST and am attaching the logs as required. Addition.txt FRST.txt
  4. Thanks GT500! Looking forward to your reply
  5. Hi, The excel and PDF files on my shared drive have become infected and renamed with a .aes extension. I've run the ransomware-id tool and it's come up with the following results. https://id-ransomware.malwarehunterteam.com/identify.php?case=c8a6f5e8abfacc2975908db82c67c4c23c9c49b7 Can anyone help to decrypt the files? Much Obliged, unkaleong
  • Create New...