Hi, Got a client who i think got RDP BruteForce by
https://www.soluciones.si/blog/en/2017/02/27/listado-completo-de-grupos-de-hackers-que-encriptan-wallet/comment-page-1/ these guys
His email is listed there
I have disable RDP port forwarding on the router.
I went to the ID RANSOMEWARE it reportedCrypt0L0cker Crypt0L0cker
but i cant find a decryption for it.
I have tried ESET, Trendmicro decryption but none will recognize the file