Sign in to follow this  
Followers 0
Andrzej

[email protected]_email - how to decryt?

By Andrzej, in Ransomware First Aid

Recommended Posts

Andrzej    0

Andrzej
Posted

Hello,
I have a computer which has been encrypted and an explosion of encrypted files has the form:
crypted_asano @ cock_email
The catalog with encrypted files contains the following information:
 

 

Quote

 

Your files are encrypted!

Your documents, photos, databases and all the rest files encrypted cryptographically strong algoritm.
Without a secret key stored with us, the restoration of your files is impossible
 
----------------------------------------------------------
You will be able to restore files so:
  • To contact us by e-mail: [email protected] & send your personal ID and 3 crypted files, up to 3 MB in size everyone.
  • We will decipher them, as proof that we can do this. Also you receive the instruction where and how many it is necessary to pay.
  • You pay and confirm payment.
  • after payment you receive the DECRYPTOR program, which restored ALL YOUR FILES.
---------------------------------------------------------
Your personal ID: 
.................
----------------------------- P.S. ----------------------------------
  • It is in your interest to respond as soon as possible to ensure the recovery of your files, because we will not store your decryption keys on our server for a long time.
  • If we do not respond to your message for more than 48 hours, write to the backup email : [email protected]

 

 



How can I decrypt files?

Regards
Andrew

Share this post

Link to post
Share on other sites

GT500    456

GT500
Posted

I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

You can paste a link to the results into a reply if you would like for me to review them.

Share this post

Link to post
Share on other sites

Andrzej    0

Andrzej
Posted

Hi,

Link https://id-ransomware.malwarehunterteam.com/identify.php?case=956727ac8539590f744e8d08ebc831c374b429d0

  

1 Result
GlobeImposter 2.0
This ransomware has no known way of decrypting data at this time.

It is recommended to backup your encrypted files, and hope for a solution in the future.

Identified by

    ransomnote_filename: how_to_back_files.html
    custom_rule: victim ID in encrypted file

 

 

 

Best regards,

Andrew.

Share this post

Link to post
Share on other sites

GT500    456

GT500
Posted

There's currently no known way to decrypt files that have been encrypted by GlobeImposter 2.0 without first obtaining the private key from the criminals who made/distributed the ransomware. Since the ransomware generates new public and private keys for every computer it infects, it isn't even possible to use a decryption tool that was given to another victim who paid the ransom.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Ransomware First Aid

  • Recently Browsing   0 members

    No registered users viewing this page.