Hatisk

Infected with ransomware (.oldbat extension)

Recommended Posts

Hi!

Tried to search for an active topic but i couldn't find any regarding this..
I have been infected with Globe/Purge. The files are encrypted like this: "sdIRFH8v7xUy9M.oldbat". It also creates the usual "How to restore files.hta"

Decryption with decrypt_Globe3.exe failed. (Tried with v1 and v2 with similar results)

What do I do now? Break, cry, recover? Or is it possible to decrypt the files?

Attached are a sample of the affected files.

Regards,
Robert

4oFFUeV20k0mogsJZVpUMgkpGWHV37O3YkQ.oldbat

IMG_6585.JPG
Download Image

Share this post


Link to post
Share on other sites

Hi!

When trying Globe2 again it works like a charm!
I probly used the file that had only had it's name changed.

Sorry for the inconvenience, but a big thanks! :)

Regards,
Robert

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.