Sam005

Infected with Cry9 Ramsomware

3 posts in this topic

Hi,

My system been infected with Cry9 ramsomware but when i tried decrypter i didn't work even though when file was tested i got below reply. 

This ransomware is decryptable! Identified by sample_bytes: [0x4F4B - 0x4F8E] 0x00000000000000000000000000000000000000000000000000000000000F86191F2 Click here for more information about Cry9

Could Please check and see if you can render any help... I have attached one infected file for your reference

 

Star of Security.docx.id_3834083310_2irbar3mjvbap6gt.onion.to._

0

Share this post


Link to post
Share on other sites

 All of us Cry9 36 byte variant victims are here .  There is no decryptor yet.  Just keep checking the thread for any updates.  Most of us have the 36 byte difference in file pairs, but there have been a couple of people mention a 61? byte difference.  Which may mean it's a different variant altogether.  Not sure.

0

Share this post


Link to post
Share on other sites

Hi Sam :)

Would you happen to have an encrypted file, and the original file (not encrypted)? If not, we'll try something.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.