Tonyol

GANDCRAB V5.1

Recommended Posts

my pc is infected with GANDCRAB V5.1 randsomeware. I believe i am free from randsomeware but all my files are encrypted. some have the extension RSHLBOK.RUMBA or just one of those.

Share this post


Link to post
Share on other sites

I can't be 100% certain, however based on the two different extensions your system may have been hit by two different ransomwares. "RSHLBOK" looks like a random 7-digit extension, and could be GandCrab. "RUMBA" may potentially be the STOP ransomware.

Recovery of files encrypted by the latest versions of GandCrab are currently not possible.

It may be possible to recover files that were encrypted by the RUMBA variant of the STOP ransomware. Michael Gillespie updated his STOPDecrypter for this variant of STOP, however it only works if the ransomware was unable to contact its command and control servers when it encrypted your files. There is more information at the following link:
https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-tro-djvu-rumba-openmetxt-support-topic/page-31#entry4673086

Share this post


Link to post
Share on other sites

Thanks GT500,

 

i have tryed to decrypt the files. Some of them are okay now. They where only hit by RUMBA.

the other ones are as you suggested still not accessible.

I hope someone find a solution for this.

Share this post


Link to post
Share on other sites
7 hours ago, Tonyol said:

the other ones are as you suggested still not accessible.

I hope someone find a solution for this.

BitDefender may eventually be able to update their GandCrab decrypter to support GandCrab 5.1. Keep an eye on BleepingComputer's news feed, as they will almost certainly announce when that happens:
https://www.bleepingcomputer.com/

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.