Hey! I got infected by the same ransomware today. Currently fighting against it. If you get something that works please let me know! I will do too.
edit: actually I didn't get infected, a customer's computer did.
Doesn't look like gomasom. Gonna try chimera and cryptinfinite and post back.
Update: Crpytinfinite decripter DOES NOT work. Gomasom seems to be looking for the key as of now.
It's not Chimera also.
Can you submit a few encrypted files and the ransom note for analysis? You may upload them here: http://www.bleepingcomputer.com/submit-malware.php?channel=168
Hey man! Thanks for you reply.
I just uploaded two of the ransom notes that appear (they all say the same, but one is .html, one txt and one bmp) and a .7z with an excel file and a pdf that are encrypted on the user's desktop.
Also! I used the link on your comments, and using the .bmp as ransom note it says that it might be tesla 3.0 or 4.0 and that there's no solution.
Thanks for all the help! Really appreciate it
Edit: The ransom website allows you to decrypt 1 file for free, so im gonna try and decrypt one file and upload both the encrpyted and decrypted versions.
Edit 2: also, i have enough restore points on this computer so that i could try with a couple and see if the files are reverted, do you guys think that may work?
Edited by tlorences, 31 March 2016 - 06:03 PM.