DeathToSmoochie

Member
  • Content Count

    1
  • Joined

  • Last visited

Community Reputation

0 Neutral

About DeathToSmoochie

  • Rank
    New Member
  1. We are dealing with the "[email protected]" ransomware and I found an odd file in the "public" user director that is timestamped at the same time the files were encrypted but it has no extension, only file name. I starts with a string of alphanumeric characters strung together then below has a block of alpha numeric characters formatted in a pattern of 16 rows of 2 characters by 16 columns of characters. Is it possible that the encryption tool was designed to leave the decryption key in a random, extension-less file on the encrypted drive?