| HDD GURU FORUMS http://forum.hddguru.com/ |
|
| Is there any workaround for Trigona ransomware? http://forum.hddguru.com/viewtopic.php?f=7&t=43949 |
Page 1 of 1 |
| Author: | Pandemicc [ December 27th, 2023, 14:45 ] |
| Post subject: | Is there any workaround for Trigona ransomware? |
Hi all, sorry if the thread is in the wrong section. I was looking for ways to decrypt files that are infected with Trigona. https://id-ransomware.malwarehunterteam.com says that there are no ways decrypt Trigona yet. Is there any other site to learn about it or the malwarehunterteam is the more decent one? Lastly, is there a way to find the files through file recovery? I have rtt T80. |
|
| Author: | Arch Stanton [ December 29th, 2023, 9:52 ] |
| Post subject: | Re: Is there any workaround for Trigona ransomware? |
Depends on many things. Note in advance that I do not have examined files encrypted by this particular ransomware. So file recovery: Many ransomwares open file > copy encrypted data to new file > delete original. So depending on specifics it may be possible to go after the deleted originals. But anyone understanding mechanisms and consequences of file deletion can tell this is a long shot. I also read somewhere I think this ransomware offers attackers to option to erase original files, as in zero fill. Anyway, assuming you took a drive image you can simply try. File repair: IMO it's always worth investigating a larger encrypted file and try determine if the entire file is encrypted. If not partial recovery of data / file repair may be possible, investigate some more files and see if you can determine a pattern. Some ransomwares actually encrypt surprisingly small portion of file data in case of large files. |
|
| Page 1 of 1 | All times are UTC - 5 hours [ DST ] |
| Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |
|