Sign in to follow this  
Salman

Salman

Recommended Posts

I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

You can paste a link to the results into a reply if you would like one of our experts to review them.

Share this post


Link to post
Share on other sites

That certainly appears to be a variant of the STOP/Djvu ransomware.

Your ID doesn't appear to be an offline ID, so the chances of being able to decrypt your files is slim. That being said, if you download STOPDecrypter, run it, and copy and paste the ID and MAC it gives you into a reply then I can forward them to the create of STOPDecrypter in case he is able to figure out your decryption key at some point in the future. Here's a link to instructions on how to do that:
https://kb.gt500.org/stopdecrypter

Share this post


Link to post
Share on other sites

nothing happened at the end

 

[-] Fatal Error: (5) Access is denied: [C:\Users\Dell\Recent]
[-] Aborting
[-] Fatal Error: (5) Access is denied: [C:\Users\Dell\SendTo]
[-] Aborting
[-] Fatal Error: (5) Access is denied: [C:\Users\Dell\Start Menu]
[-] Aborting
[-] Fatal Error: (5) Access is denied: [C:\Users\Dell\Templates]
[-] Aborting

Decrypted 363 files!
Skipped 133 files.

 

nothing is ahed

Share this post


Link to post
Share on other sites

[!] No keys were found for the following IDs:
[*] ID: O9eZw1aNwCAw3YuK8sTLTAHVJr149IdSKyj2Gmd5 (.verasto )
Please archive these IDs and the following MAC addresses in case of future decryption:
[*] MAC: C8:3A:35:CB:F3:85
This info has also been logged to STOPDecrypter-log.txt[!] No keys were found for the following IDs:
[*] ID: O9eZw1aNwCAw3YuK8sTLTAHVJr149IdSKyj2Gmd5 (.verasto )
Please archive these IDs and the following MAC addresses in case of future decryption:
[*] MAC: C8:3A:35:CB:F3:85
This info has also been logged to STOPDecrypter-log.txt

 

 

plz reply

Share this post


Link to post
Share on other sites

I have this versto too it so bad 

I try alot of keys but no thing 

Stop decrypter doest work 

Only key is work is rectordecryptor but all file come with damge i cant open any one i dont know why 

Salman try use rectordecryptor from kaspersky toll maybe its work for u try it and tell me what happen files come with damge like me or what happen 

Gt500 what we can do nw bro we need this file rly we need it there is no other way to back it ???

Share this post


Link to post
Share on other sites
On 4/25/2019 at 12:52 PM, Kareem said:

Gt500 what we can do nw bro we need this file rly we need it there is no other way to back it ???

Unfortunately we had some database issues and were forced to to restore from a backup, so my replies to this topic yesterday (as well as any replies anyone else may have left here) are gone:

 

Please note however that the time window for figuring out private keys for this variant of STOP/Djvu has passed, and for the moment there won't be a way to recover files.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.