Recommended Posts

That could be Dharma, however sometimes e-mail addresses get reused by multiple ransomware campaigns, so I still recommend following stapp's instructions to upload a copy of a ransom note and an encrypted file to ID Ransomware to be certain:

Share this post

Link to post
Share on other sites

After you make these recommendations, please check: 

1) the accuracy of the filename with the extension added[[email protected]].com

2) ransom notes: FILES ENCRYPTED, Info.hta

3) Email from ransom notes: [email protected], [email protected]

If all of this data is the same, then your files are exactly encrypted Dharma Ransomware

Now a 1.5 year there is no successful decryption, no free public decrypters for files after Dharma.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.