Jump to content

[email protected] Ransomware

TCO Jason
 Share Followers 2

Recommended Posts

Sarah W

Sarah W 26

Posted
Posted

Hi TCO Jason,

Wallet Dharma is unfortunately not decryptable. You can either backup your files and wait for a solution, or pay the criminals (we do not recommend this) currently.

RDP is how these criminals usually enter, so please secure it with a strong password.

Regards,

Sarah 

Link to post
Share on other sites
Gusi

Gusi 0

Posted
Posted

Hi - infected with .Wallet and when running Rakhni Decryptor by Kaspersky , I get a "processing error" - any ideas? help will be greatly appreciate it...

 

20:47:49.0429 0x2438  Trojan-Ransom.Win32.Rakhni decryption tool 1.17.17.0 Mar  1 2017 23:11:54
20:47:51.0433 0x2438  ============================================================
20:47:51.0433 0x2438  Current date / time: 2017/03/30 20:47:51.0433
20:47:51.0433 0x2438  SystemInfo:
20:47:51.0434 0x2438 
20:47:51.0434 0x2438  OS Version: 6.1.7601 ServicePack: 1.0
20:47:51.0434 0x2438  Product type: Server
20:47:51.0434 0x2438  ComputerName: ARES
20:47:51.0434 0x2438  UserName: administrator
20:47:51.0434 0x2438  Windows directory: C:\Windows
20:47:51.0434 0x2438  System windows directory: C:\Windows
20:47:51.0434 0x2438  Running under WOW64
20:47:51.0434 0x2438  Processor architecture: Intel x64
20:47:51.0434 0x2438  Number of processors: 4
20:47:51.0434 0x2438  Page size: 0x1000
20:47:51.0434 0x2438  Boot type: Normal boot
20:47:51.0435 0x2438  ============================================================
20:47:51.0535 0x2438  Initialize success
20:48:19.0785 0x2410  Number of worker threads: 4
20:48:30.0253 0x2410  File path: C:\Users\administrator.TEA\Desktop\test2\License_SQLNCLI_ENU.txt.id-0C677459.[[email protected]].wallet
20:48:30.0284 0x2410  Password recovered
20:48:30.0285 0x2410  Known suspicious file: C:\Users\administrator.TEA\Desktop\test2\License_SQLNCLI_ENU.txt.id-0C677459.[[email protected]].wallet
20:48:32.0951 0x2410  DecryptIO (C:\Users\administrator.TEA\Desktop\test2\License_SQLNCLI_ENU.txt) error
 

----

 

20:48:37.0821 0x2410  Folder scan statistic (C:\Users\administrator.TEA\Desktop\test2):
20:48:37.0821 0x2410  Processed: 3
20:48:37.0821 0x2410  Found: 3
20:48:37.0821 0x2410  Decrypted: 0
20:48:37.0821 0x2410  ================================================================================
20:48:37.0821 0x2410  Scan finished
20:48:37.0821 0x2410 

Link to post
Share on other sites
Sarah W

Sarah W 26

Posted
Posted

Hi Gusi,

Wallet Dharma is unfortunately not decryptable. You can either backup your files and wait for a solution, or pay the criminals (we do not recommend this) currently.

RDP is how these criminals usually enter, so please secure it with a strong password.

Regards,

Sarah 

Link to post
Share on other sites
  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Followers 2
Go to topic listing

  • Recently Browsing   0 members

    No registered users viewing this page.

Products & Services

Ransomware/Malware Removal

Partners

Resources

Company

© 2003-2021 Emsisoft - 01/20/2021 - Legal Notice - Terms - Bug Bounty - System Status - Privacy Policy

×
×
  • Create New...