Sam005

Infected with Cry9 Ramsomware

Recommended Posts

Sam005    0

Hi,

My system been infected with Cry9 ramsomware but when i tried decrypter i didn't work even though when file was tested i got below reply. 

This ransomware is decryptable! Identified by sample_bytes: [0x4F4B - 0x4F8E] 0x00000000000000000000000000000000000000000000000000000000000F86191F2 Click here for more information about Cry9

Could Please check and see if you can render any help... I have attached one infected file for your reference

 

Star of Security.docx.id_3834083310_2irbar3mjvbap6gt.onion.to._

Share this post


Link to post
Share on other sites
bruticus0    3

 All of us Cry9 36 byte variant victims are here .  There is no decryptor yet.  Just keep checking the thread for any updates.  Most of us have the 36 byte difference in file pairs, but there have been a couple of people mention a 61? byte difference.  Which may mean it's a different variant altogether.  Not sure.

Share this post


Link to post
Share on other sites
Aura    27

Hi Sam :)

Would you happen to have an encrypted file, and the original file (not encrypted)? If not, we'll try something.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.