Infected with Cry9 Ramsomware

Recommended Posts


My system been infected with Cry9 ramsomware but when i tried decrypter i didn't work even though when file was tested i got below reply. 

This ransomware is decryptable! Identified by sample_bytes: [0x4F4B - 0x4F8E] 0x00000000000000000000000000000000000000000000000000000000000F86191F2 Click here for more information about Cry9

Could Please check and see if you can render any help... I have attached one infected file for your reference


Star of

Share this post

Link to post
Share on other sites

 All of us Cry9 36 byte variant victims are here .  There is no decryptor yet.  Just keep checking the thread for any updates.  Most of us have the 36 byte difference in file pairs, but there have been a couple of people mention a 61? byte difference.  Which may mean it's a different variant altogether.  Not sure.

Share this post

Link to post
Share on other sites

Hi Sam :)

Would you happen to have an encrypted file, and the original file (not encrypted)? If not, we'll try something.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.