DNZ77

*****_LeChiffre variant

Recommended Posts

Hello, we've found all our servers encrypted by (it seems) a new LeChiffre variant few days ago. I've tried three different decryptors, but noone worked.

I've tried to rename the extension, from .QWERTY_lechiffre to .lechiffre and your decryptor found the infected files and "almost" recovered them, with "almost" i mean i can open them, for example an xlsx, but something is leggible, and something isn't.

I've contacted them via telegram and they sent me the decryptor, but it is in a rar password protected (obviously that password will come after the payment). If it can be of an use for you i can upload few files, the ransom note and the compressed decryptor.

 

Thanks.

Share this post


Link to post
Share on other sites
22 hours ago, chango said:

We have the same problem, how did you solved it?

As far as I am aware, there is no way to decrypt files that have been encrypted by this ransomware.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.