Jump to content

Ransomware Encryptor 725

Recommended Posts


Because of one user's in our company fail we were infected with Ransomware that encrypt files and change their extension to 725.

Fortunately this user had only users privileges on his PC. Unfortunately he had a lot of full access folders in network. Thats why we lost a lot of important information before viral activity was detected and stoped.

When i send request to decrypt one of files, i should send both encrypted file and RECOVER-FILES.html to perpetrator.

You can find encrypted, original (from backup) and  RECOVER-FILES.html files in attachment.

So, maybe it's possible to decrypt our files without payment to terrorists? This is not so huge sum, but you know, if you pay to terrorists, you help them to start new attacks.

Thanks in advance.



KPMG Belarus.PDF

KPMG Belarus.PDF.725


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...