Jump to content

Recommended Posts

Hello everybody,

in our business we got encrypted by the .ITLOCK Ransomware. We got 2 encrypted files that were decrypted. I also have a screenshot of a cmd line telling me [GENKEY][DONE]! I also got the data behind this. Is it possible to program a decrypt-tool for this ransomware or decrypt the files with those details?

 

Kind regards

!README_ITLOCK!.rtf

Link to post
Share on other sites

I've got the decrypt tool from the ransom guy. The Problem now is that the log tells me "CryCha: Invalid RSA Message". Is there a chance that someone can help here when I upload the tool including the Key and decrypted data?

 

 

Link to post
Share on other sites
11 hours ago, rr991 said:

I've got the decrypt tool from the ransom guy. The Problem now is that the log tells me "CryCha: Invalid RSA Message". Is there a chance that someone can help here when I upload the tool including the Key and decrypted data?

If you attach the tool, any keys they gave you, and a few encrypted files to a reply then I'll ask our malware analysts if they can take a look at it.

Link to post
Share on other sites
  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...