Recommended Posts

My office PC is infected! Please  help me!
My computer had virus Ransomware, It had changed rename file .bpxgklpx extension

Thanks!!

Share this post


Link to post
Share on other sites

This is random extension.

Many different encryptors use randomly generated extensions. For example, GandCrab, Magniber and anothers.

Upload a ransom note and one encrypted file to the site ID-Ransomware to identify the encryptor who encrypted your files.

Also upload a ransom note and 2-3 different encrypted files (jpg, png, txt, doc) in your next message so that we can verify and confirm the identification.

Share this post


Link to post
Share on other sites
22 minutes ago, Amigo-A said:

This is random extension.

Many different encryptors use randomly generated extensions. For example, GandCrab, Magniber and anothers.

Upload a ransom note and one encrypted file to the site ID-Ransomware to identify the encryptor who encrypted your files.

Also upload a ransom note and 2-3 different encrypted files (jpg, png, txt, doc) in your next message so that we can verify and confirm the identification.

Hi

Thank you for your reply.

Could you please help me confirm the following information?

1.The file that displays the ransom and payment information.......readme.txt

2.A file which has been encrypted, and cannot be opened......22480_41.doc.fbpxgklpx、107.docx.fbpxgklpx、pta_1464_5141132_03854.xlsx.fbpxgklpx

readme.txt 107.docx.fbpxgklpx 22480_41.doc.fbpxgklpx pta_1464_5141132_03854.xlsx.fbpxgklpx

Share this post


Link to post
Share on other sites

It's been confirmed as Magniber. Unfortunately the only free decrypter was last updated over a year ago, so it won't be able to decrypt files from newer infections.

Share this post


Link to post
Share on other sites
59 minutes ago, GT500 said:

It's been confirmed as Magniber. Unfortunately the only free decrypter was last updated over a year ago, so it won't be able to decrypt files from newer infections.

Thank you for you reply.

If there is any solution in the future, please let us know.

tks

Share this post


Link to post
Share on other sites

kaylaio

The fact that this Magniber can be seen by ransom note. No one else has that does not have this text. 

Description Magniber Ransomware (in the title there is a link to English from Google)

The early attack was aimed only at Korea.
Korean antivirus company AhnLab was able to collect variants and released a decoder.
Later, the attack was redirected to other countries of South-East Asia, and then to other countries.

No one else tried to decrypt files after the attack of Magniber. No one tried !!!

Share this post


Link to post
Share on other sites
3 hours ago, Amigo-A said:

kaylaio

The fact that this Magniber can be seen by ransom note. No one else has that does not have this text. 

Description Magniber Ransomware (in the title there is a link to English from Google)

The early attack was aimed only at Korea.
Korean antivirus company AhnLab was able to collect variants and released a decoder.
Later, the attack was redirected to other countries of South-East Asia, and then to other countries.

No one else tried to decrypt files after the attack of Magniber. No one tried !!!

Amigo-A

So sad......

Thanks anyway.😂

Share this post


Link to post
Share on other sites

kaylaio


But this does not mean that it is impossible to decipher. It is important for you to leave the data provided by the extortionists and collect the encrypted files in a separate a place. Do not change the location of the files - let them be in the same folders, as now. Experience shows that sometimes it matters.

Share this post


Link to post
Share on other sites
38 minutes ago, Amigo-A said:

It is important for you to leave the data provided by the extortionists and collect the encrypted files in a separate a place. Do not change the location of the files - let them be in the same folders, as now. Experience shows that sometimes it matters.

Yes, keeping a backup of the encrypted files and any ransom notes is a very good idea.

 

11 hours ago, Amigo-A said:

No one else tried to decrypt files after the attack of Magniber. No one tried !!!

Well, nothing was published publicly about anyone trying. That's not quite the same as no one trying at all, even though the end results may be the same.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.