ProGamesTv

death_of_shadow encrypted.

Recommended Posts

Attach a ransom note and several encrypted files to your message. 

Place the executable file in an archive with a password 'infected' and also attach to the message.

Share this post


Link to post
Share on other sites

It appears to be new, so I've forwarded your files to our malware analysts for review.

Share this post


Link to post
Share on other sites

We already have the RAR file you posted the link to earlier, and our analysts are going to look at it as soon as they can.

If you want to share malicious files with us, then please upload them to VirusTotal, and post the link to the analysis here for us. VirusTotal links are safe to share, and we can still download the files.
https://www.virustotal.com/gui/home/upload

Share this post


Link to post
Share on other sites
2 hours ago, ProGamesTv said:

Rar file with password will not be analyzed. The file is protected from research. Here is an open result on VT.
https://www.virustotal.com/gui/file/6c7ee3d9bdb647382946f854a517b72a5ddf6d4804fd2fa75a84619c8548d121/detection 

The encryptor did not show himself in any way. 

Share this post


Link to post
Share on other sites

Perhaps Emsisoft analysts can figure out something.

Added identification as 'DeathOfShadow' to the service 'ID Ransomware'

Share this post


Link to post
Share on other sites

Unfortunately same issue happened to me yesterday. I hope Emsisoft team can come up with a decrepit tool 

Share this post


Link to post
Share on other sites
10 hours ago, ProGamesTv said:

My fault. Sorry. Do you found something to decrypt my data?

They (our malware analysts) need to analyze the ransomware first. They've taken a preliminary look at it, and the way it handles encryption sounds a bit peculiar, however we need to do more analysis before we can know whether or not it is decryptable.

Edited by GT500

Share this post


Link to post
Share on other sites
9 hours ago, Ana$ said:

Pro do you still have the malicious exe file? If you, please l need it

Please don't share malicious files with others. Those who actually need them know where to get them.

Share this post


Link to post
Share on other sites
14 hours ago, ProGamesTv said:

Do you found a encrypter?

I'd have to ask about the progress of analysis, but I don't think we need any more samples.

Share this post


Link to post
Share on other sites
On 8/27/2020 at 6:41 AM, GT500 said:

I'd have to ask about the progress of analysis, but I don't think we need any more samples.

Can you tell me something about progress?

Share this post


Link to post
Share on other sites
11 hours ago, ProGamesTv said:

Can you tell me something about progress?

I'll ask our malware analysts if there's any new information.

Share this post


Link to post
Share on other sites

Our malware analysts are still working on this one. There are some minor issues with the ransomware that they are trying to work out right now, however once they have that done hopefully they can let us know if it's decryptable or not.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.