Jump to content

.ITLOCK Ransomware


Recommended Posts

Hello everybody,

in our business we got encrypted by the .ITLOCK Ransomware. We got 2 encrypted files that were decrypted. I also have a screenshot of a cmd line telling me [GENKEY][DONE]! I also got the data behind this. Is it possible to program a decrypt-tool for this ransomware or decrypt the files with those details?

 

Kind regards

!README_ITLOCK!.rtf

Link to comment
Share on other sites

I've got the decrypt tool from the ransom guy. The Problem now is that the log tells me "CryCha: Invalid RSA Message". Is there a chance that someone can help here when I upload the tool including the Key and decrypted data?

 

 

Link to comment
Share on other sites

11 hours ago, rr991 said:

I've got the decrypt tool from the ransom guy. The Problem now is that the log tells me "CryCha: Invalid RSA Message". Is there a chance that someone can help here when I upload the tool including the Key and decrypted data?

If you attach the tool, any keys they gave you, and a few encrypted files to a reply then I'll ask our malware analysts if they can take a look at it.

Link to comment
Share on other sites

  • 2 weeks later...
Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...