PhilJaume 0 Report post Posted October 24 Hi, since yesterday we've been infected by a ransomware with file extension *.encrypted. I've tried to find the name of this ransomware with the software ID Ransomeware" but it return that it is an unknow one. How could I do ? Any help will be more than appreciate. Rgds Quote Share this post Link to post Share on other sites
stapp 130 Report post Posted October 24 Please attach the original file of ransom note and several encrypted files to your message so that one of our experts can examine them. Quote Share this post Link to post Share on other sites
PhilJaume 0 Report post Posted October 24 Attached are some files. Hope you could help me. Thanks a lot Backup.Log.encrypted filtrea-logo-accepté.JPG.encrypted HOW_TO_RECOVER_DATA.html LOGO AFIMO SPECIAL.JPG.encrypted ReadmeSQLEXP2005.htm.encrypted Quote Share this post Link to post Share on other sites
Amigo-A 44 Report post Posted October 24 We know which ransomware it is, but the HOW_TO_RECOVER_DATA.html file is corrupt. You must first place it in a zip archive, and then attach it to a new message. After that, the identification will be accurate. Quote Share this post Link to post Share on other sites
PhilJaume 0 Report post Posted October 24 here they are thanks a lot HOW_TO_RECOVER_DATA.html HOW_TO_RECOVER_DATA.rar Quote Share this post Link to post Share on other sites
Amigo-A 44 Report post Posted October 24 This is MedusaLocker Ransomware Identification resulthttps://id-ransomware.malwarehunterteam.com/identify.php?case=397a7586fd127d516a33e02733b0d9e3f739f9c5 There are several similar ransomware that copy elements from others in order to confuse identification, scare victims and mislead researchers. In most cases, the service ID Ransomware accurately determines the encryptor that encrypted the files. First, they used a different note design, then they took what you see, from other ransomware. It is possible that they are even familiar and actively collaborate. Support and Help Topic >> Quote Share this post Link to post Share on other sites