Sign in to follow this  

Recommended Posts

I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

You can paste a link to the results into a reply if you would like for me to review them.

Share this post


Link to post
Share on other sites

Hello,

 

I have the same problem.

 

Dharma (.cezar Family)

This ransomware has no known way of decrypting data at this time.

É recomendado que faça um backup dos ficheiros encriptados, e esperar por uma solução no futuro.

Identificado por

  • sample_extension: .id-<id>.[<email>].html
  • sample_bytes: [0x12020 - 0x12060] 0x00000000020000000CFE7A410000000000000000000000002000000000000000
  • custom_rule: Original filename "bcdbackup.LOG" after filemarker

 

Clique aqui para mais informação sobre Dharma (.cezar Family)

 

my message is :

id-FCD87B48.[[email protected]].html

thank you

Share this post


Link to post
Share on other sites

There's no known way of decrypting files that have been encrypted by this version of Dharma without first obtaining the private key from the criminals who created/distributed the ransomware.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.