Jump to content

.BE87R file extension


Recommended Posts

Infected Server2008. File extensions end in ".BE87R". Ransom notes indicate "Nemesis decryptor". Email associated is "[email protected]"

id-ransomware.malwarehunter.com reports that the files I submit are part of the Dharma .wallet family. Running the "avast_decryptor_crysis.exe" indeed shows that it sees the encrypted files as it processes them, but at the same time indicates no encrypted files found.

Using the Cry128 decryptor, it doesn't recognize anything..

### DECRYPT MY FILES ###.txt

Link to comment
Share on other sites

Hi LeonardCaldwell,

You're dealing with Cry36, you can see more of the discussion about it here.

I suggest making sure RDP is secure and no weak passwords are being used, and also making sure all critical windows updates are installed.

Regards,

Sarah W

  • Upvote 1
Link to comment
Share on other sites

Very much appreciate your help & response! Thank you to the entire 30-person (or so) team that puts their time & efforts into these situations... We usually do it to ourselves. I went through that post, and will do so again - I likely missed something. I'm hoping there is a decryptor that i missed first time around. Luckily, we had offsite backups, because the NAS was hit as well. I've already rebuilt the server and double-checked firewall for any changes, but I'd like to decrypt that NAS...

THANK YOU

Link to comment
Share on other sites

 

My pc was attacked by a BE87R and all my files were encrypted with this extension. Can somebody help me? These are some of the files I could recover from a backup.

*** ALL YOUR WORK AND PERSONAL FILES HAVE BEEN ENCRYPTED ***

To decrypt your files you need to buy the special software – «Nemesis decryptor»
You can find out the details / buy decryptor + key / ask questions by email: [email protected]

Your personal ID: XXXXXXXXX

Using the Cry128, Cry9, decrypt_Amnesia,decrypt_Amnesia2 decryptor, it doesn't recognize anything.

THANK YOU

 

GRUPO linkedin.docx.id-3914712426_[[email protected]].be87r

GRUPO linkedin.docx

Ventas 1.0 CompEnLinea exceldiario (1).xlsx.id-3914712426_[[email protected]].be87r

Ventas 1.0 CompEnLinea exceldiario (1).xlsx

Ventas 2.0 exceldiario (1).xlsx

Ventas 2.0 exceldiario (1).xlsx.id-3914712426_[[email protected]].be87r

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...