Unknow ransomware

[PhilJaume 0]

Hi,

 

since yesterday we've been infected by a ransomware with file extension *.encrypted.

I've tried to find the name of this ransomware with the software ID Ransomeware" but it return that it is an unknow one.

How could I do ?

Any help will be more than appreciate.

Rgds

 

[stapp 152]

Please attach the original file of ransom note and several encrypted files to your message so that one of our experts can examine them.

[PhilJaume 0]

Attached are some files.

Hope you could help me.

 

Thanks a lot

Backup.Log.encrypted filtrea-logo-accepté.JPG.encrypted HOW_TO_RECOVER_DATA.html LOGO AFIMO SPECIAL.JPG.encrypted ReadmeSQLEXP2005.htm.encrypted

[Amigo-A 136]

We know which ransomware it is, but the HOW_TO_RECOVER_DATA.html file is corrupt.

You must first place it in a zip archive, and then attach it to a new message.
After that, the identification will be accurate.

[PhilJaume 0]

here they are

thanks a lot

HOW_TO_RECOVER_DATA.html HOW_TO_RECOVER_DATA.rar

[Amigo-A 136]

This is MedusaLocker Ransomware

Identification result
https://id-ransomware.malwarehunterteam.com/identify.php?case=397a7586fd127d516a33e02733b0d9e3f739f9c5

There are several similar ransomware that copy elements from others in order to confuse identification, scare victims and mislead researchers.
In most cases, the service ID Ransomware accurately determines the encryptor that encrypted the files.

First, they used a different note design, then they took what you see, from other ransomware. It is possible that they are even familiar and actively collaborate.

Support and Help Topic >>