Bradley

Files Encrypted with extension .combo


It is a good idea to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

You can paste a link to the results into a reply if you would like one of our experts to review them.


Dharma (.cezar Family)

 This ransomware has no known way of decrypting data at this time.

It is recommended to backup your encrypted files, and hope for a solution in the future.

Identified by

  • sample_extension: .id-<id>.[<email>].combo
  • sample_bytes: [0x140 - 0x180] 0x00000000020000000CFE7A410000000000000000000000002000000000000000
  • custom_rule: Original filename "readme.txt" after filemarker

 

Click here for more information about Dharma (.cezar Family)
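
The file-name pattern in the identification above (`.id-<id>.[<email>].combo`) is enough to inventory affected files before backing them up. The following is an added example, not part of the original posts or of ID Ransomware; the function names, the sample paths and the assumption that `<id>` contains no dots and `<email>` no square brackets are assumptions of this example.

```python
import re
from collections import defaultdict
from pathlib import PurePath

# Pattern from the "sample_extension" line:
#   <original name>.id-<id>.[<email>].combo
# Assumption: <id> has no dots or brackets, <email> has no square brackets.
DHARMA_COMBO = re.compile(
    r"^(?P<original>.+)\.id-(?P<victim_id>[^.\[\]]+)"
    r"\.\[(?P<email>[^\[\]]+)\]\.combo$",
    re.IGNORECASE,
)

def parse_name(path):
    """Return (original_name, victim_id, email), or None if the name does not match."""
    m = DHARMA_COMBO.match(PurePath(path).name)
    if m is None:
        return None
    return m.group("original"), m.group("victim_id"), m.group("email").lower()

def inventory(paths):
    """Group matching files by (victim_id, email); keep non-matching paths apart."""
    groups, unmatched = defaultdict(list), []
    for p in paths:
        parsed = parse_name(p)
        if parsed is None:
            unmatched.append(p)
        else:
            original, victim_id, email = parsed
            groups[(victim_id, email)].append((p, original))
    return dict(groups), unmatched

# Constructed sample listing (not taken from a real incident).
SAMPLE = [
    "/srv/share/report.docx.id-1A2B3C4D.[contact@example.invalid].combo",
    "/srv/share/db/backup.tar.gz.id-1A2B3C4D.[contact@example.invalid].combo",
    "/srv/share/notes.txt",
    "/srv/share/archive.combo",  # ends in .combo but lacks the id/email marker
]

if __name__ == "__main__":
    groups, unmatched = inventory(SAMPLE)
    for (victim_id, email), files in groups.items():
        print(f"id={victim_id} contact={email}: {len(files)} file(s)")
        for path, original in files:
            print(f"  {path}  (original name: {original})")
    print(f"{len(unmatched)} path(s) did not match the pattern")
```

A file-name match only narrows the list; confirming the family still needs the ransom note and an encrypted sample checked as described in the first post.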


Unfortunately there's no way to decrypt files that have been encrypted by Dharma without first obtaining the private key from the criminals who made/distributed the ransomware.

