Jump to content

.bpxgklpx extension

kaylaio
 Share Followers 1

Recommended Posts

Amigo-A

Amigo-A 136

Posted
Posted

This is random extension.

Many different encryptors use randomly generated extensions. For example, GandCrab, Magniber and anothers.

Upload a ransom note and one encrypted file to the site ID-Ransomware to identify the encryptor who encrypted your files.

Also upload a ransom note and 2-3 different encrypted files (jpg, png, txt, doc) in your next message so that we can verify and confirm the identification.

Link to post
Share on other sites
kaylaio

kaylaio 0

Posted
  • Author
Posted
22 minutes ago, Amigo-A said:

This is random extension.

Many different encryptors use randomly generated extensions. For example, GandCrab, Magniber and anothers.

Upload a ransom note and one encrypted file to the site ID-Ransomware to identify the encryptor who encrypted your files.

Also upload a ransom note and 2-3 different encrypted files (jpg, png, txt, doc) in your next message so that we can verify and confirm the identification.

Hi

Thank you for your reply.

Could you please help me confirm the following information?

1.The file that displays the ransom and payment information.......readme.txt

2.A file which has been encrypted, and cannot be opened......22480_41.doc.fbpxgklpx、107.docx.fbpxgklpx、pta_1464_5141132_03854.xlsx.fbpxgklpx

readme.txt 107.docx.fbpxgklpx 22480_41.doc.fbpxgklpx pta_1464_5141132_03854.xlsx.fbpxgklpx

Link to post
Share on other sites
kaylaio

kaylaio 0

Posted
  • Author
Posted
59 minutes ago, GT500 said:

It's been confirmed as Magniber. Unfortunately the only free decrypter was last updated over a year ago, so it won't be able to decrypt files from newer infections.

Thank you for you reply. 

If there is any solution in the future, please let us know.

tks

Link to post
Share on other sites
Amigo-A

Amigo-A 136

Posted
Posted

kaylaio

The fact that this Magniber can be seen by ransom note. No one else has that does not have this text. 

Description Magniber Ransomware (in the title there is a link to English from Google)

The early attack was aimed only at Korea.
Korean antivirus company AhnLab was able to collect variants and released a decoder.
Later, the attack was redirected to other countries of South-East Asia, and then to other countries.

No one else tried to decrypt files after the attack of Magniber. No one tried !!!

Link to post
Share on other sites
kaylaio

kaylaio 0

Posted
  • Author
Posted
3 hours ago, Amigo-A said:

kaylaio

The fact that this Magniber can be seen by ransom note. No one else has that does not have this text. 

Description Magniber Ransomware (in the title there is a link to English from Google)

The early attack was aimed only at Korea.
Korean antivirus company AhnLab was able to collect variants and released a decoder.
Later, the attack was redirected to other countries of South-East Asia, and then to other countries.

No one else tried to decrypt files after the attack of Magniber. No one tried !!!

Amigo-A

So sad......

Thanks anyway.😂

Link to post
Share on other sites
Amigo-A

Amigo-A 136

Posted
Posted

kaylaio


But this does not mean that it is impossible to decipher. It is important for you to leave the data provided by the extortionists and collect the encrypted files in a separate a place. Do not change the location of the files - let them be in the same folders, as now. Experience shows that sometimes it matters.

Link to post
Share on other sites
GT500

GT500 873

Posted
Posted
38 minutes ago, Amigo-A said:

It is important for you to leave the data provided by the extortionists and collect the encrypted files in a separate a place. Do not change the location of the files - let them be in the same folders, as now. Experience shows that sometimes it matters.

Yes, keeping a backup of the encrypted files and any ransom notes is a very good idea.

 

11 hours ago, Amigo-A said:

No one else tried to decrypt files after the attack of Magniber. No one tried !!!

Well, nothing was published publicly about anyone trying. That's not quite the same as no one trying at all, even though the end results may be the same.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Followers 1
Go to topic listing

  • Recently Browsing   0 members

    No registered users viewing this page.

Products & Services

Ransomware/Malware Removal

Partners

Resources

Company

© 2003-2021 Emsisoft - 03/08/2021 - Legal Notice - Terms - Bug Bounty - System Status - Privacy Policy

×
×
  • Create New...