Jump to content

.Nuclear BTCW


Recommended Posts

I am assisting a customer that was infected with the .nuclear ransomware.  The files were appended with .[[email protected]]-id-DC145418.nuclear. They submitted a file that was decrypted.  They paid the ransom and were provided a decrypter named btcw.exe. They file ran, however, the decrypter just renamed the files and did not decrypt them.  When the file runs at the beginning it actually says "Your decrypt key is: ..." and lists the decrypt key.  The hackers are still communicating to an extent regarding the issue. However, my question is, can the decrypt key listed in the decrypter program be used in an form or fashion to manually decrypt the files?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...