TechSup11 Posted December 22, 2017 Report Share Posted December 22, 2017 Stampado files were found on an old server of a new client. the Infection seems long gone, but a picture of the ransom note is attached. The files do not seem to be decrypting, any advice is appreciated. Thank You 6DAD3FE5F526176E8BE9D6AE04D9088CD286C34A6311FE7CD961BAD0876B3917.locked 6EAD46EBF65F1314F3EAD6D904D8088FD584C33F63178509DC1ABBA4871A.LOCKED 6EDA479DF65F1314F0EBD3AB00D90CFCA981C43E1E1A850AD86DC7D4831A3D1050C98365....locked Link to comment Share on other sites More sharing options...
Fabian Wosar Posted December 22, 2017 Report Share Posted December 22, 2017 The encrypted files are useless. We will require the ransomware executable that encrypted those files in order to extract the necessary information. Link to comment Share on other sites More sharing options...
GT500 Posted December 22, 2017 Report Share Posted December 22, 2017 Let's try getting a log from FRST, and see if it shows any information about the ransomware infection. You can find instructions for downloading and running FRST at the following link:https://helpdesk.emsisoft.com/Knowledgebase/Article/View/274/55/running-a-scan-with-frst Link to comment Share on other sites More sharing options...
Recommended Posts