Hello everyone, thanks in advance for all the useful informations I've always found on this forum.
Today I received a call from a customer who got infected by a ransomware. I asked for a couple encrypted files in order to identify the worm, but what I got actually surprised me.
HOW TO DECRYPT FILES.TXT
Here's the content of the txt:
ATTENTION !All Your Files Was Encrypted !E-mail addresses: Datares@india.com
Apparently, from what I could deduce by the email address, it's somehow related to the Dharma ransomware, but I could not find anything on the web, nor in this forum.
Anyone knows something about this Zixer2?
Thanks again for your time.
Greetings from Italy.
Edited by ilevyas, 03 April 2017 - 05:43 AM.