Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zipper Ransomware (Unzip your ZIP files.txt, zip@email.tg) Support Topic


  • Please log in to reply
5 replies to this topic

#1 cacom7

cacom7

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:43 PM

Posted 18 January 2018 - 02:58 PM

Friends, good afternoon.
 
On 06-November-2017, we suffered an ransomware attack.
The files have been converted to .zip, and when you try to extract or open a message saying that the file is in unknown or corrupted form.
 
Along with the files, is a text file unzip your files ... zip@email.tg.
 
in https://id-ransomware.blogspot.com.br/2017/10/zipper-ransomware.html, I was directed to get help here ...
 
Can someone help me retrieve my data?
 
Probably, damages files using CRC32 and AES-key. Necessary to use the program for data recovery...

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:43 AM

Posted 19 January 2018 - 09:01 AM

Zipper Ransomware converts files to the .zip extension and leaves files (ransom) notes named Unzip your ZIP files.txt as explained here.

Unfortunately, I am not aware of any fix solution without paying the ransom.

Our crypto malware experts most likely will need a sample of the malware file itself to analyze before anyone can ascertain if the encrypted files can even be decrypted. Samples of any suspicious executable's (installer, malicious files, attachments) that you suspect were involved in causing the infection can be submitted (uploaded) here with a link to this topic. There is a "Link to topic where this file was requested" box under the Browse button...it's best to compress large files before sharing.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 cacom7

cacom7
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:43 PM

Posted 19 January 2018 - 01:14 PM

the problem is that it has been done for more than 30 days, so AVG excludes the quarantine. If I have the original file (not infected) and the current file (Infected), it does not help at all?


Edited by cacom7, 19 January 2018 - 01:16 PM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:43 AM

Posted 19 January 2018 - 02:00 PM

I don't know if they would be of much help but you can submit them to the same link I provided in my previous reply.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 cacom7

cacom7
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:43 PM

Posted 20 February 2018 - 10:25 AM

I don't know if they would be of much help but you can submit them to the same link I provided in my previous reply.

 

Good afternoon.

quietman7

I was able to recover the suspicious file, I just sent it through the link that you submitted.

Good afternoon. I was able to recover the suspicious file, I just sent it through the link that you submitted.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:43 AM

Posted 20 February 2018 - 12:40 PM

Ok. Please be patient. BleepingComputer is inundated with support requests and not everyone may receive an individual reply. After our volunteer experts have examined submitted files, they typically will only reply in a support topic if they can assist or need further information. If not, then the submitted files were not helpful.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users