Repair file
August 28th, 2018, 16:07
Helo!!
Please help!
Repair one file is [buydecrypt@qq.com].bip
??
Please help!
Repair one file is [buydecrypt@qq.com].bip
??
Re: Repair file
August 28th, 2018, 16:24
Unfortunately, the encryption of the new variants of Dharma ransomware ([buydecrypt@qq.com].bip) is currently completely secure and can only be decrypted using the RSA private keys of the criminals.
Re: Repair file
August 30th, 2018, 9:06
Ok thanks reply!
I am view file in editor hexa.
I am view file in editor hexa.
Re: Repair file
August 30th, 2018, 9:06
Ok thanks reply!
I am view file in editor hexa.
I am view file in editor hexa.
Re: Repair file
August 30th, 2018, 11:11
Hi, if your files are important and your client will pay for the Data we can help
regards
regards
Re: Repair file
August 30th, 2018, 13:08
H13 wrote:Hi, if your files are important and your client will pay for the Data we can help
regards
Just wondering how? Do you have a solution for this variant?
Re: Repair file
August 30th, 2018, 13:16
hdd_sand wrote:H13 wrote:Hi, if your files are important and your client will pay for the Data we can help
regards
Just wondering how? Do you have a solution for this variant?
Contact the crooks and pay the ransom
Re: Repair file
August 30th, 2018, 13:30
pcimage wrote:hdd_sand wrote:H13 wrote:Hi, if your files are important and your client will pay for the Data we can help
regards
Just wondering how? Do you have a solution for this variant?
Contact the crooks and pay the ransom
Do you think they are pay the ransom ?
http://www.rm-ransomwarerecovery.com/
Re: Repair file
August 30th, 2018, 13:35
hdd_sand wrote:H13 wrote:Hi, if your files are important and your client will pay for the Data we can help
regards
Just wondering how? Do you have a solution for this variant?
3200$ if the client need the Data
i just resale the the service
Regards
Re: Repair file
August 30th, 2018, 13:40
Hi!
Thanks reply!
They pay for the hackers! Only that!
Thanks reply!
They pay for the hackers! Only that!
Re: Repair file
August 30th, 2018, 16:30
H13 wrote:pcimage wrote:hdd_sand wrote:H13 wrote:Hi, if your files are important and your client will pay for the Data we can help
regards
Just wondering how? Do you have a solution for this variant?
Contact the crooks and pay the ransom
Do you think they are pay the ransom ?
http://www.rm-ransomwarerecovery.com/
From what I’ve been told by clients, yes I think they do.
I have no evidence to the contrary.
Re: Repair file
August 31st, 2018, 1:33
It looks like the developers of Dharma have been active in comms with lots of people offering discounts to resellers.
We have been REing Ransomware strains since their very beginning and we have decrypted hundreds of cases, sometimes with homebrewed tools. And we've been contacted 3 times already by different people, offering us solution for Dharma, for a fee little smaller than the crooks' ransom.
Of course we have reported them to the police.
Listen, Dharma always has been a very well coded and very sophisticated strain.
IT HAS NO WEAKNESSES.
If someone is offering decryption services for Dharma, he's either in contact with the crooks and has a discounted flat price (and pockets the difference), or he is the developer himself and has the master key.
Period.
We have been REing Ransomware strains since their very beginning and we have decrypted hundreds of cases, sometimes with homebrewed tools. And we've been contacted 3 times already by different people, offering us solution for Dharma, for a fee little smaller than the crooks' ransom.
Of course we have reported them to the police.
Listen, Dharma always has been a very well coded and very sophisticated strain.
IT HAS NO WEAKNESSES.
If someone is offering decryption services for Dharma, he's either in contact with the crooks and has a discounted flat price (and pockets the difference), or he is the developer himself and has the master key.
Period.
Re: Repair file
August 31st, 2018, 3:42
northwind wrote:It looks like the developers of Dharma have been active in comms with lots of people offering discounts to resellers.
We have been REing Ransomware strains since their very beginning and we have decrypted hundreds of cases, sometimes with homebrewed tools. And we've been contacted 3 times already by different people, offering us solution for Dharma, for a fee little smaller than the crooks' ransom.
Of course we have reported them to the police.
Listen, Dharma always has been a very well coded and very sophisticated strain.
IT HAS NO WEAKNESSES.
If someone is offering decryption services for Dharma, he's either in contact with the crooks and has a discounted flat price (and pockets the difference), or he is the developer himself and has the master key.
Period.
Now, that does make perfect sense. Explains a lot!
Re: Repair file
August 31st, 2018, 8:09
northwind wrote:If someone is offering decryption services for Dharma, he's either in contact with the crooks and has a discounted flat price (and pockets the difference), or he is the developer himself and has the master key.
Period.
+1
Re: Repair file
September 4th, 2018, 3:10
As a matter of fact...
This is #4.
This is #4.
- Attachments
-
Re: Repair file
September 4th, 2018, 4:13
and it gets better.
- Attachments
-
Re: Repair file
September 4th, 2018, 4:23
...and better...
- Attachments
-
Re: Repair file
September 4th, 2018, 13:34
northwind wrote:As a matter of fact...
This is #4.
I got this email too!
Re: Repair file
September 13th, 2018, 12:09
Guys, what you think
send 4 files and he decripit it, payment is in " x.xxx USD "
THe conversion was like this:
ME -> how this works ?
are you asking decryption procedure ?
ME -> yes payment and procedures ?
payment in advance
afterthat i will need to connect your infected computer two times, firstly to run a tool (scan and decryptor software) to collect public keys which are required to create your private key that can decrypt all your files (VERY IMPORTANT: DURING SCAN FOR PUBLIC KEYS ALL ENCRYPTED FILES CAN BE IN THAT COMPUTER, OTHERWISE WE MAY NOT ABLE TO DECRYPT ALL YOUR FILES !!!), few hours later from this action i will connect your computer again to perform fully decryption with Private Key, decyption can take few hours depending on total size of your encrypted files.
ME -> why do you need the key if you have decrypted the samples ?
public keys are required for complete and healthy decryption
ME -> how could you decrypt the samples ?
pls do not ask me more quesitons
i m very busy
if you need my service
just let me know
- Code:
Good day,
i have a recovery solution for New Dharma Ransomware (arrow, java, cesar, arena, bip, combo or cmb extensions), if you have any case please send me 3-4 sample files to analysis, thanks in advance.
send 4 files and he decripit it, payment is in " x.xxx USD "
THe conversion was like this:
ME -> how this works ?
are you asking decryption procedure ?
ME -> yes payment and procedures ?
payment in advance
afterthat i will need to connect your infected computer two times, firstly to run a tool (scan and decryptor software) to collect public keys which are required to create your private key that can decrypt all your files (VERY IMPORTANT: DURING SCAN FOR PUBLIC KEYS ALL ENCRYPTED FILES CAN BE IN THAT COMPUTER, OTHERWISE WE MAY NOT ABLE TO DECRYPT ALL YOUR FILES !!!), few hours later from this action i will connect your computer again to perform fully decryption with Private Key, decyption can take few hours depending on total size of your encrypted files.
ME -> why do you need the key if you have decrypted the samples ?
public keys are required for complete and healthy decryption
ME -> how could you decrypt the samples ?
pls do not ask me more quesitons
i m very busy
if you need my service
just let me know
Powered by phpBB © phpBB Group.