Page 1 of 1
GlobeImposter 2.0
Posted: January 24th, 2022, 15:40
by sempre
Hi to all!
Please infos from decrypt files .lockis is ransomware GlobeImposter 2.0.?
Re: GlobeImposter 2.0
Posted: January 24th, 2022, 16:49
by Arch Stanton
No decrypt AFAIK.
Re: GlobeImposter 2.0
Posted: January 24th, 2022, 16:53
by sempre
sempre wrote:Hi to all!
Please infos from decrypt files .lockis is ransomware GlobeImposter 2.0.?
or repair files?
Re: GlobeImposter 2.0
Posted: January 25th, 2022, 5:03
by Arch Stanton
Depends on if file is partially encrypted or entirely. To find out, you can for example use file pair, a good and an encrypted copy of same file.
Re: GlobeImposter 2.0
Posted: January 25th, 2022, 9:31
by sempre
Arch Stanton wrote:Depends on if file is partially encrypted or entirely. To find out, you can for example use file pair, a good and an encrypted copy of same file.
Hi!
Thanks for replys!
Partially encrypted!
Tool repair file. DB?
Re: GlobeImposter 2.0
Posted: January 25th, 2022, 9:45
by Arch Stanton
What are you saying, you need to repair partially encrypted DB? I'll try to direct someone who may be able to help to this thread.
Re: GlobeImposter 2.0
Posted: January 25th, 2022, 9:55
by sempre
Arch Stanton wrote:What are you saying, you need to repair partially encrypted DB? I'll try to direct someone who may be able to help to this thread.
ok thanks!
Re: GlobeImposter 2.0
Posted: January 25th, 2022, 11:15
by northwind
GlobeImposter 2.0 is a copycat of Globe3 Ransomware.
It's not decryptable.
I've been messing around with this strain since it appeared and I've put a lot of effort to try and find a flaw in it (for personal reasons, one of my best friends got attacked and lost a lot of his work and personal data).
It's very, very secure. And very well-written.
HOWEVER, I was able to restore my friends' SQL database by 60-70% and I was able to recover a lot of his lost pictures and office docs.
Not a solid recovery, but better than nothing.
Re: GlobeImposter 2.0
Posted: January 25th, 2022, 15:07
by sempre
northwind wrote:GlobeImposter 2.0 is a copycat of Globe3 Ransomware.
It's not decryptable.
I've been messing around with this strain since it appeared and I've put a lot of effort to try and find a flaw in it (for personal reasons, one of my best friends got attacked and lost a lot of his work and personal data).
It's very, very secure. And very well-written.
HOWEVER, I was able to restore my friends' SQL database by 60-70% and I was able to recover a lot of his lost pictures and office docs.
Not a solid recovery, but better than nothing.
PM
Re: GlobeImposter 2.0
Posted: January 31st, 2022, 14:35
by sempre
sempre wrote:Arch Stanton wrote:Depends on if file is partially encrypted or entirely. To find out, you can for example use file pair, a good and an encrypted copy of same file.
Hi!
Thanks for replys!
Partially encrypted!
Tool repair file. DB?
Sorry, file repair name_file.db (not sql)