fekri600

Member
  • Content Count

    2
  • Joined

  • Last visited

Community Reputation

0 Neutral

About fekri600

  • Rank
    New Member
  1. I opened a ticket in Kaspersky support… after giving them all information and 4 different files of the encrypted & original files … they give me this response : Our Malware analysts have informed us that the files have been encrypted by a modification of Trojan-Ransom.Win32.Purgen Unfortunately, they cannot decrypt files encrypted by this malware variant presently. We always suggest to keep a backup of those files (which you seem to have), as in the future, a tool might be released once the encryption algorithm is broken or even released by the criminals, as this has been the case sometimes. Apologies for not being able to assist any further.
  2. All my files are encrypted .DICOM In attachment, you will find a sample of the encrypted, original file and the readme file. All your files are Encrypted! For data recovery needs decryptor. How to buy decryptor: ---------------------------------------------------------------------------------------- | 1. Download Tor browser - https://www.torproject.org/ and install it. | 2. Open link in TOR browser - http://decrmbgpvh6kvmti.onion/ | 3. Follow the instructions on this page ---------------------------------------------------------------------------------------- Note! This link is available via "Tor Browser" only. ------------------------------------------------------------ Free decryption as guarantee. Before paying you can send us 1 file for free decryption. ------------------------------------------------------------ alternate address - http://helpinfh6vj47ift.onion/ GlobeImposter 2.0 This ransomware has no known way of decrypting data at this time. It is recommended to backup your encrypted files, and hope for a solution in the future. Identified by ransomnote_filename: Restore-My-Files.txt custom_rule: victim ID in encrypted file Click here for more information about GlobeImposter 2.0 Would you like to be notified if there is any development regarding this ransomware? Click here. Encrypted-orginal and redme file.zip Encrypted-orginal and redme file.zip