landozzo 0 Posted January 18, 2019 Report Share Posted January 18, 2019 hi everyone. I was infected by (i think) cry128. I tried to use Emsisoft software to decrypt my files but but it did not succeed. can I ask for an analysis of my infection? attached to this post I leave a zip file with an infected file by ransomware (a jpg), its "clean" version and the txt file requesting payment. can anyone help me? excuse for my bad english (google translator helped me) and thank you in advance cry.zip Quote Link to post Share on other sites
GT500 873 Posted January 18, 2019 Report Share Posted January 18, 2019 I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply if you would like for me to review them. Quote Link to post Share on other sites
GT500 873 Posted January 18, 2019 Report Share Posted January 18, 2019 Actually, now that I take a closer look, I see the file you attached to your post had both the ransomware note and an encrypted file. The ransomware isn't Cry128. It's Cry36:https://id-ransomware.malwarehunterteam.com/identify.php?case=f9053f58e498cdeb514438293472248bf6e85819 There's no known way to decrypt files that have been encrypted by Cry36 without first obtaining the private key from the criminals who created/distributed the ransomware. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.