gp2019

Please I need .acute decrypter tool

Recommended Posts

Please upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

Post the result here.

I see you also have a thread here

https://www.bleepingcomputer.com/forums/t/700190/i-need-decrypter-for-acute-ransome/

Share this post


Link to post
Share on other sites
1 hour ago, stapp said:

Please upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

Post the result here.

I see you also have a thread here

https://www.bleepingcomputer.com/forums/t/700190/i-need-decrypter-for-acute-ransome/

Thank you for your answer I have already done the result is phobos or Dharma (.cezar Family). Any help

would be really appreciated.

Share this post


Link to post
Share on other sites

@gp2019

There is reason to believe that two different Ransomware are spreading (Dharma and Phobos), which add such an extension to deceive the ID Ransomware.
This they have done many times. 
I recommend attaching a ransom note and an encrypted file to the message. I'll tell you exactly what kind of extortionist has encrypted your files.

Share this post


Link to post
Share on other sites
18 minutes ago, Amigo-A said:

@gp2019

There is reason to believe that two different extortionists are spreading, which add such an extension to deceive the ID Ransomware.
This they have done many times. 
I recommend attaching a ransom note and an encrypted file to the message. I'll tell you exactly what kind of extortionist has encrypted your files.

Thank you for your help. I have attached the files you asked.

acute2.rar

Share this post


Link to post
Share on other sites
Quote

BEOSAXILLEASKU.jpg.id[6C21BD38-1096].[[email protected]].acute

.id[6C21BXXX-1096] - this is ID from Phobos Ransomware
.[[email protected]] - this is contact
.acute - new extension 

info.txt and info.hta - notes of Phobos Ransomware

Jabber: [email protected] 

 

 

Screenshot_2.png
Download Image

Screenshot_1-2w.png
Download Image

Share this post


Link to post
Share on other sites

Unfortunately, for this variant of Phobos Ransomware and many previous ones there is no free decryptor. Information is regular cataloged. It is possible that the future will be possible to decrypt files or find a solution, which will be able to return some file types. So it was with different ransomwares.

Encrypted files are recommended to save.

---

No free decryptor and for new variants of Dharma Ransomware. Both extortionists come from the same source, their predecessors was the project Crysis Ransomware. Files encrypted by him after some time have been restored using free tools from Kaspersky, ESET and Avast. 

Share this post


Link to post
Share on other sites
3 hours ago, isak said:

Anyone tried paying to decrypt the files?

@isak

Yes, there are cases of successful decryption after the payment of the ransom, but there are also cases when the decryptor did not work. 
No need to trust extortionists.

Share this post


Link to post
Share on other sites

I emailed them a few times but they haven't replied back yet. How long does it take for them to reply?

Share this post


Link to post
Share on other sites
8 hours ago, isak said:

I emailed them a few times but they haven't replied back yet. How long does it take for them to reply?

We highly recommend not contacting the criminals yourself. If you do feel you need to try to contact them to get your files back, then we recommend having a third-party with experience negotiating with criminals like this contact them for you. There are a number of companies that offer this service, however CoveWare is the only one I tend to remember.

Share this post


Link to post
Share on other sites

We know several intermediary companies, but each time we learn that their mediation was not disinterested.

They agree with the extortionists to make a profit from the dealings.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.