hamdhoon

Recommended Posts

GT500    812

GT500
Posted

ID Ransomware's detection of Cry36 is pretty good, and considering the sample bytes and extension match exactly I'd say the detection was accurate.

Note that ID Ransomware is also correct when it says that there is no known way to decrypt your files.

Share this post

Link to post
Share on other sites

Amigo-A    132

Amigo-A
Posted

CryptON - this was the first name in the identification database 'ID Ransomware' before the appearance of Cry128, Cry9, Cry36.
It was used to identify some variants from the X3M + Nemesis family.
Later, were left in 'ID Ransomware' only Cry128, Cry9, Cry36, although the extortionists themselves several times reported on the real used names X3M, Nemesis, CryptON, about their tasks and goals.

The affected users informed me of some successful decryption of individual Cry36 variants using the KL tool

But many Cry36 variants have remained not be decrypted.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go To Topic Listing

  • Recently Browsing   0 members

    No registered users viewing this page.