A client of ours has recently been hit by Cryakl as we suspect.
There are a few tools, but most of them says invalid file extension(we've tried to rename, nothing)
Is there ANYTHING to do? Our backup was messed up in the process(yes..) - it's a really bad situation.
I have tried to attach some encrypted files, but I can't seem to figure out how.
I've gotten the ransomware itself, so if that's useful to some reverse engineers, let me know how we can make the exchange of files.
Example encrypted file name:
email-lybot@keemail.me.ver-CL 1.4.1.0.id-706192690-27-01-2018 21@50@240.fname-Launch Internet Explorer Browser.lnk.fairytail
Ransomware executer:
lybot.exe