Bradley

Files Encrypted with extension .combo

Recommended Posts

It is a good idea to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

You can paste a link to the results into a reply if you would like one of our experts to review them.

Share this post


Link to post
Share on other sites

Dharma (.cezar Family)

 This ransomware has no known way of decrypting data at this time.

It is recommended to backup your encrypted files, and hope for a solution in the future.

Identified by

  • sample_extension: .id-<id>.[<email>].combo
  • sample_bytes: [0x140 - 0x180] 0x00000000020000000CFE7A410000000000000000000000002000000000000000
  • custom_rule: Original filename "readme.txt" after filemarker

 

Click here for more information about Dharma (.cezar Family)

Share this post


Link to post
Share on other sites

Unfortunately there's no way to decrypt files that have been encrypted by Dharma without first obtaining the private key from the criminals who made/distributed the ransomware.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.