hatttips

nemty revenge 2.2 decrypt

Recommended Posts

yesterday my server was hit by nemty 2.2 revenge 

---> NEMTY 2.2 REVENGE <---

Some (or maybe all) of your files got encryped.
We provide decryption tool if you pay a ransom.

Don't worry, if we can't help you with decrypting - other people won't trust us.
We provide test decryption, as proof that we can decrypt your data.

You have 3 month to pay (after visiting the ransom page) until decryption key will be deleted from server.
After 3 month no one, even our service can't make decryptor.

1) Web-Browser
  a) Open your browser.
  b) Open this link: http://nemty.top/public/pay.php
  c) Upload this file.
  d) Follow the instructions.

2) Tor-Browser
  a) Download&Install Tor-Browser.
  b) Open Tor-Browser.
  c) Open this link : http://zjoxyw5mkacojk5ptn2iprkivg5clow72mjkyk5ttubzxprjjnwapkad.onion/public/pay.php
  d) Upload this file.
  e) Follow the instruction.

<BEGIN NEMTY KEY>
KcF5AHI72uhbO7GHEkn1BP9E2BkpQPVnUsR1HlG0fhV1nARjoKet3HWNEhE7PUYXtrI97oSXgoarO0m0eDMvw9ucIUq2OI20BEM02YVwrf+xyzilXKGwBYDl+Qs7ae24M0kyoF+VV3r3iKL9FvsT6uvTwk8skQqA1zZKtSsE1QF1f41dSWJDFTz3pOHpahbHsNA0KzDKttycZrBNru0HohAs8n4oWQoCCjJ6CkQhcY7I1XXfgWFSK9neBSgvvompefziiSMQuK8WGi+mLzcYAUzWsaxoAx/foAAZd6e9SKFB3F8OJX8Nd5hnW32OpnEUgtKEGsDc7qvf6spl9loIZy4+bPOk+QHNXwjlWxRNiuN0Thb7cXaMAL0ypOYhRUmfkUzEGcwOOFm2xCXmjJZZKKQG1Jw8RnDiI9Wl5ohk8NXSEi8dn7181KnDDVeW/pzUo0hRpUEZ6Z2I4MjZHCLWGBPPxF9sNM8wIHvzrOHXGzlVKPEEJGtuCev7If5yTGppJgt/VAGCoQTHyvQZfUd7g3rTFRV3dxGHAvUnKJid1DlqvNl2Y2PdS+sTceMdrImB+C6EA116llnLWncSvZqzs3MrZRpUKPeR9zckHO0mLIs45kUg1Wg3A/uFhL0ul+0Ws9AHpOaab4bA/NMfbJ9ABejMCsGFC8fbsXhN2lsT1Ow7GN/Jhy5PALU6qmv9+vopKLB+Oe8TWlHWFP8WBATKeLCpXWmkiLTd3cabNeaOftSi2Jr/x6o89r8hUT6K6ytgxdkbUaBsVy7PedAvo1LtzRbWGSFzU0knh9mEUwrzlhgGby86XWM3OzHZkyoMfHuGigzKgRQH47kO7OBEAJgkgnojU+dAQVW6HZMpv070MB9p1QlZjFpXK+evDv4JQTLXD2iWznSvPaBd6X1N6TWJd9DZkoFNFJJiNb2Wrzsv88HIqb8OLNW9q26SVgzz56Hgo8mvB7M3bbnw6Zypk5/c/bFixM84Dcbrbg5tB1gKSagiJ4SbARH/BM/ij44rUYhjgfnP9HMEENFK0kA4uMqJGoEv6seWDPSLhhdbl+HuME9Hxh1ZBPa41Ak7M5RgPwf9G8RHlYNdcrPobfHjnmT9QXRO95WExPNxjF9c4vOcOPG7W+b5jDX0J3VAzIOOKLaizK+yCHKLOWVjSfirrOQZ5VjUazYOrbHXkw0USghHeVl/zslfZQnvb+nht2wQ6ZkZ2geXZitk4YiL3Yhd/Y9eYPqxDkiZ6zmkCjMwTRO49CZ6cPvXHpertrkAOs4u6zSL3wIP0MTJEj3R6/R+ncYpZ5H12zm25OgbkzKOLT9cWPS5fQh33WLc5GJYS9BtTILMsCo3ozrWi7HofmFhj2CLJg==BpMD+Sox/cL4LS3FSibTYJtv/Zgum0qe92fI0dN4oXMsOqVNXJca4apGhyRLBa42Ag/7ZlHedQeSWLftcvFL9A0AFskj0pmgPszjswHZHiKwhacp3T/V2iw0kjUauYHgYic1Y6pfdyN3gJ2+EDds6urFUayVzv+Xp9VVM54rGX6MrcInstNtt8VlfV1gDAvHVhqsDO9ttV4kv1anRNFt4J0PauNWG7Xf1SgIHdunGIYf21F2Wxvp+vCQ+sNrfPzz1WyY5rSs20qT/FWxwO7lsaxJwwreKPVtl0fGJ6gY9QIHkdbRQ2t4E6xOi83cVnQf8XsBbKl7REi9bQeFUVjqs4O/82wQ33xZlK4dT0ZA9P99ZzSZ+bMGnplW0qcIO6CJIKyAFJ6ecfqCPyes545rgRFtZSo3l3nT93o+zF52v6Mg9ye9T8VD8i1VV9xP/uWlaw66pbfvBXxyUoXSntKPRGouSc8Y8gUDLcoK3wHQnXKpX3GyoTMjDjY3ilxN2eEuu/9r7c52W03PrNlTeL2w9D6/aZE7iWU4CdHTLca0g+/AgYjnMP3f30Cc2wo7hmlWW3HJDgSeHZ0lErNdddyY3KKs/mbPWF4lLiyN0FLBJQzifDCG7UrWd8A4hQYhKSIzfXwyU+U5qAGohG2XBXCrk5N2Bk93Q+uJFJIJ7g4P1UGPpVoGNijU3a+/KKy41fU5YUO9p7gy3kgliu2FUP/blh4odLwhEfVtAb4s869hB1i2khKCeQTE7Nu6lLFzMdhn7GpAtyJ8cUzOetS02c2t52SnpdGgPeK6H7dP9J/SNs9L+y7bh55CfXiC7OUOQuBPPTU7arEJk9mWPu3gVdWCrhweVtPgal2zFRQQQagdQWF97Gz387v2KsiDDY2j1YLd3DEZEI42b4GJi3/B6tXn6emLT0P+jPZFTdpUagJJ0XVvmJgwXV+sFFaoXJVrBsiH+sH0Eng9qQzWj1nzsLcSyVwS5UwMgMaz4pfUu1yQ+Fa/PcAjZyxkjwT3zMsq3BfM9bGeb86seneErOJ8Xc5pgqMgM7QPWBwYC0kSEW4BeDsGSYiXEJ+0LhSm4YTOy2w9cVxj5m9ZePBh/Gkp8Gbseg40O8tF5YgLgf6yIia8SfbmqghahyDoPwiEqjoUaZztwpGKC6j61QKzdLJhRAgNyEfQLtR+Kl5b1xDEVEHR2JdqINPTtzASqc3pa/waRfREWaAvgRt8E0laVe4Q2RLyI1/x5Mbxac14fVK6GTzPx8bSLjMmcLj7qk8+6Y4dm86g3Jpax1OOsi2pKddCGUn3TTaJkVcgeU+pK54kXhVPz3PYKoF79OSZXwIGr7JnL0duKfY4uaVLOkZkigOBLlhiHA==

Share this post


Link to post
Share on other sites

The last I've heard, the flaw that allowed for decryption of files had been fixed in Nemty Revenge.

Share this post


Link to post
Share on other sites
10 hours ago, GT500 said:

The last I've heard, the flaw that allowed for decryption of files had been fixed in Nemty Revenge.

does it mean that decryption is impossible? omggggg

i have no money to pay....... but files are really important........

Share this post


Link to post
Share on other sites

Hello @hatttips

Attach 3-5 different encrypted files and a ransom note file. Do not change or edit anything.

Put the files in the archive so that nothing is changed by the forum protection.

I will transfer the files for further analysis. 

Share this post


Link to post
Share on other sites
9 hours ago, Amigo-A said:

Hello @hatttips

Attach 3-5 different encrypted files and a ransom note file. Do not change or edit anything.

Put the files in the archive so that nothing is changed by the forum protection.

I will transfer the files for further analysis. 

sirrr, is it ok?

 

Share this post


Link to post
Share on other sites
On 12/2/2019 at 7:46 PM, Amigo-A said:

I have already sent the files that you gave for additional analysis in DrWeb. At least we will know the results.

hello, can u help me even my pc is encrypted with nemty 2.4 revenge idk how to decrypt

i can attach files

Share this post


Link to post
Share on other sites

 Dr.Web knows this ransomware as Trojan.Siggen8.40291, Trojan.Encoder.29411, Trojan.Encoder.29417... 
"Dr.Web service of decryption" said to me that decryption after the attack Nemty Ransomware (1.0, 2.0, 2.2... ) is possible, but only if the system has not been re-installed.

If someone wants to return their files, then they should not do anything with the system and files. Otherwise, it makes no sense to seek help. You need to be patient and firm in achieving your target.

Anyone can make a free request himself and then only track changes and provide files.
http://legal.drweb.ru/encoder/?lng=ru
http://legal.drweb.com/encoder/?lng=en

Share this post


Link to post
Share on other sites
On 2/16/2020 at 4:08 PM, Amigo-A said:

 Dr.Web knows this ransomware as Trojan.Siggen8.40291, Trojan.Encoder.29411, Trojan.Encoder.29417... 
"Dr.Web service of decryption" said to me that decryption after the attack Nemty Ransomware (1.0, 2.0, 2.2... ) is possible, but only if the system has not been re-installed.

If someone wants to return their files, then they should not do anything with the system and files. Otherwise, it makes no sense to seek help. You need to be patient and firm in achieving your target.

Anyone can make a free request himself and then only track changes and provide files.
http://legal.drweb.ru/encoder/?lng=ru
http://legal.drweb.com/encoder/?lng=en

for version 2.5? dr web could help me?

Share this post


Link to post
Share on other sites
8 hours ago, georgevacilica said:

for version 2.5? dr web could help me?

Dr.Web has a another classification of encryptors.

You need make a request if you have files, they don’t ask money for a test.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.