Mussharraf Hossen Shoikot

URL THAT LEADS TO MALWARE. DECRYPTOR NEEDED

I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

You can paste a link to the results into a reply if you would like for me to review them.

@GT500 Emsisoft decryptor fails to decrypt. New decryptor needed for anything encrypted with the ransomware I gave in link.

 

Error: No key for New Variant online ID: aze3gYBYnp1s1LMW8eFJLIkqAEWrawHShXVztRSq
Notice: this ID appears to be an online ID, decryption is impossible

Finished!

Edited by Mussharraf Hossen Shoikot

18 hours ago, Mussharraf Hossen Shoikot said:

No key for New Variant online ID: aze3gYBYnp1s1LMW8eFJLIkqAEWrawHShXVztRSq
Notice: this ID appears to be an online ID, decryption is impossible

This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

13 hours ago, Mussharraf Hossen Shoikot said:

@GT500 Did you not read my first post? "make decryptor" is written there. It means I know there is no decryptor yet but needs to be made. I gave the URL to ransomware in first post. Use it

Please don't post links to live malware in the public forums. You can upload it to VirusTotal and post a link to the analysis, but we don't want links to malicious files that anyone can follow and download from.

Also, we know this ransomware well, and we already have a decrypter for it. I've already explained that it is impossible to decrypt your files as they have an online ID, and they can only be decrypted using the private key for your ID, which is only in the possession of the criminals who made/distributed the ransomware.

On 8/26/2020 at 11:29 AM, GT500 said:

Please don't post links to live malware in the public forums. You can upload it to VirusTotal and post a link to the analysis, but we don't want links to malicious files that anyone can follow and download from.

Also, we know this ransomware well, and we already have a decrypter for it. I've already explained that it is impossible to decrypt your files as they have an online ID, and they can only be decrypted using the private key for your ID, which is only in the possession of the criminals who made/distributed the ransomware.

Any way to forward this by your organization (Emsisoft) to organizations that can catch them and extract the private keys?

14 hours ago, Mussharraf Hossen Shoikot said:

Any way to forward this by your organization (Emsisoft) to organizations that can catch them and extract the private keys?

Only the criminals have the private keys. The only time a private key will ever be on your computer is if you pay the ransom and the criminals send you a decrypter.
