Rayzor099 Posted July 25, 2017 Report Share Posted July 25, 2017 I had an rdp port open on my Win2k12 test system which has all my lab work on. I'm currently doing training and would really like to have this data back. I have provided a backup of one file that is unencrypted and the file that is encrypted. I've tried several decryptors without any luck. It looks like a new variant. I've included the files and the ransom note as well. Your help would be greatly appreciated as I cannot afford the ransom. Ray RAYZOR81CLONE_1B243F7E-B6C1-46DC-B4EB-C8E338E16792.avhdx.id_2893718895_[[email protected]].zip Link to comment Share on other sites More sharing options...
Fabian Wosar Posted August 1, 2017 Report Share Posted August 1, 2017 This appears to be a variation of Cry36. There is, unfortunately, no public fix for it at the moment. Kaspersky was successful in some limited number of cases, so you may want to try and contact them. Link to comment Share on other sites More sharing options...
Recommended Posts