i dont have the original files anymore but i sent the encrypted ones.
Posted 07 September 2023 - 03:55 AM
i dont have the original files anymore but i sent the encrypted ones.
Posted 07 September 2023 - 07:57 AM
Edited by Amigo-A, 07 September 2023 - 07:59 AM.
My site: The Digest "Crypto-Ransomware" + Google Translate
Posted 07 September 2023 - 08:58 AM
i was able to find some original files and the encrypted ones .
Posted 07 September 2023 - 11:24 AM
m0rpheus90
Your files also have:
At the beginning of each encrypted file there is a marker: rymozvpgflsstrhd
My site: The Digest "Crypto-Ransomware" + Google Translate
Posted 07 September 2023 - 03:28 PM
m0rpheus90 (upload) samples of encrypted files, ransom notes and any contact email addresses to ID Ransomware (IDR) so we get this in the system for Demonslay335.
.
.
Microsoft MVP Alumni 2023
Windows Insider MVP 2017-2020
Microsoft MVP Reconnect 2016-2023
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Retired Police Officer, Federal Agent and Coast Guard Chief
If I have been helpful & you'd like to consider a donation, click
Posted 07 September 2023 - 07:50 PM
i uploaded but it says this :
Unable to determine ransomware.
Please make sure you are uploading a ransom note and encrypted sample file from the same infection.
This can happen if this is a new ransomware, or one that cannot be currently identified automatically.
You may post a new topic in the Ransomware Tech Support and Help forums on BleepingComputer for further assistance and analysis.
Please reference this case SHA1: b80313b5e840eab8f783c22fd8b1c7d6d56ac6ba
Posted 07 September 2023 - 07:56 PM
That's a standard reply for new ransomware or one not currently identified. The point of the submission for now was to get samples into the system so Demonslay335 can manually inspect the files and compare with further submissions.
.
.
Microsoft MVP Alumni 2023
Windows Insider MVP 2017-2020
Microsoft MVP Reconnect 2016-2023
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Retired Police Officer, Federal Agent and Coast Guard Chief
If I have been helpful & you'd like to consider a donation, click
Posted 10 September 2023 - 12:33 PM
I sent the files 'original and encrypted files.zip' to an antivirus company DrWeb for analysis. And I want to find out more precisely why they consider the file harmless, although the files are encrypted. I'll let you know their answer.
Edited by Amigo-A, 10 September 2023 - 12:33 PM.
My site: The Digest "Crypto-Ransomware" + Google Translate
Posted 11 September 2023 - 07:40 AM
m0rpheus90
Do you have access to the infected PC?
Several manipulations need to be done.
My site: The Digest "Crypto-Ransomware" + Google Translate
Posted 11 September 2023 - 08:42 AM
OK. Wait a while.
My site: The Digest "Crypto-Ransomware" + Google Translate
Posted 11 September 2023 - 10:03 AM
Instructions sent to PM
My site: The Digest "Crypto-Ransomware" + Google Translate
Posted 11 September 2023 - 01:20 PM
0 members, 1 guests, 0 anonymous users