Jump to content

.Nuclear BTCW


elhajoco
 Share

Recommended Posts

I am assisting a customer that was infected with the .nuclear ransomware.  The files were appended with .[[email protected]]-id-DC145418.nuclear. They submitted a file that was decrypted.  They paid the ransom and were provided a decrypter named btcw.exe. They file ran, however, the decrypter just renamed the files and did not decrypt them.  When the file runs at the beginning it actually says "Your decrypt key is: ..." and lists the decrypt key.  The hackers are still communicating to an extent regarding the issue. However, my question is, can the decrypt key listed in the decrypter program be used in an form or fashion to manually decrypt the files?

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...