I have only encripted files. Id-ransomware can't determine type of ransomware. Extensions are changed to mmvkpbj, I will attach sample file https://www.sendspace.com/file/abr01z . 10x
Jump to content
Posted 25 May 2016 - 09:53 AM
We will need a ransom note in order to properly identify. A few ransomwares generate a completely random extension, so ID Ransomware cannot properly identify (without generating an obscene amount of false-positives) without a matching ransom note (which is compared with the extension in some cases).
CTB-Locker and Maktub are generally the two most common that create a totally random 6-7 character extension for files. CTB-Locker would typically have a ransom note called "!Decrypt-All-Files-mmvkpbj.txt", and Maktub would have "_DECRYPT_INFO_mmvkpbj.html". Both cannot be decrypted I'm afraid.
Based on infection rates as of late, I'm more suspecting you may be a victim of CTB-Locker. You can view more information in the following topic to see if your symptoms match up.
If I have helped you and you wish to support my ransomware fighting, you may support me here.
Posted 25 May 2016 - 06:43 PM
0 members, 0 guests, 0 anonymous users