KW87

How to decrypt virus ransomware .mado (STOP Djvu). Please Help

Recommended Posts

Hi all,

My laptop has been infected with mado virus (STOP Djvu), all my document, video, photo file are encrypted. Malwares is removed but file still encrypted. Any solution to decrypt the mado files?

Below is the Emsisoft decryotor result and attached mado file and readme file.

Starting...

File: C:\Users\KW1\Desktop\TEST\2_12.JPG.mado
No key for New Variant offline ID: 8TaHEsq5r7cNJKbYdWseLEB2pW1FuZKoKjKg5tt1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

Finished!

_readme.txt 2_12.JPG.mado

Share this post


Link to post
Share on other sites

My computer are infected too i already remove but my files are still crypted

personal ID:
0217OIWojlj488TaHEsq5r7cNJKbYdWseLEB2pW1FuZKoKjKg5tt1

We have identified "STOP (Djvu)". This ransomware may be decryptable under certain circumstances.
Please refer to the appropriate guide for more information.

Identified by:

ransomnote_email: [email protected]
sample_bytes: [0x1290C - 0x12932] 0x7B33364136393842392D443637432D344530372D424538322D3045433542313442344446357D
Click here for more information about STOP (Djvu).
Case number: 62c8a4a412662960e2d2e6b3675d2fc34ce7eaef1586068617

 

Share this post


Link to post
Share on other sites
On 4/5/2020 at 1:37 AM, KW87 said:

No key for New Variant offline ID: 8TaHEsq5r7cNJKbYdWseLEB2pW1FuZKoKjKg5tt1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

Hello new here.

My friends computer got infected with this .mado virus. I already clean all. But all documents, photos and important files are contaminated. I already try using the decrypt programs but still can´t decrypted. So i need help. Do I recover the files? or are thry lost forever? its very important documents and files for business, so i really apreciate if someone could help me. thanks. I put some files just to see if someone could help me ... thanks a lot!

_readme.txt 131607_wallpaper-photo-full-hd.jpg.mado

Share this post


Link to post
Share on other sites
9 hours ago, CintiaSB said:

My friends computer got infected with this .mado virus. I already clean all. But all documents, photos and important files are contaminated. I already try using the decrypt programs but still can´t decrypted. So i need help. Do I recover the files? or are thry lost forever? its very important documents and files for business, so i really apreciate if someone could help me. thanks. I put some files just to see if someone could help me ... thanks a lot!

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.