Crypt Challenge

[CDMC]

Hello everyone! I have a challenge for you. Ever heard about a Fkin' crypto ransomeware/virus? Yea, so what it does is encript files on your PC, and demand money so you can get it back. problem is, even if you pay, it wont give your files back(never payed, but heard stories about it)

 

So the challenge is, decript a file, cause i tried everything and nothing worked. I know there are smart people in this forum that knows more than i do, so maybe, just maybe someone can help me out. Cause at this point i ran out of ideas and want to get to the bottom of this, i want to learn how to deal with malware like this and get your files back.

 

Restoring a backup copy of original files is not an option. there are no backups cause all the files where kept in a different drive and only C:/ disk was having backups by default in windows.

 

 

 

[Moonzy]

http://www.idigitaltimes.com/cryptolocker-virus-removal-how-decrypt-or-restore-encrypted-files-and-remove-334250

 

not sure how credible this fix is, but yea

well you should've already tried it if you googled about it anyway

[CDMC]

i dint saw this, reading it now. all suggestions are welcome. Thanks Moonzy

 

keep them coming

 

EDIT: in that guide  ShadowExplorer  doesnt work. it dint make a backup on that other drive, it made on C:/ only and i read that Crypto malware tries to delete all the backups, but sometimes dont removes them.. in this case, all the backups where gone even on C:/ drive

[CDMC]

really, no one?

[FedeWar]

If you don't have the key it's impossible to decrypt your files, most of the modern encryption methods are unbreakable thanks to math, if you try a brute force attack it will take quite some time (a few bilion years).

The only way is searching for the key in your pc or in your memory, but the success depends on the encryption algorithm used.

[CDMC]

3 hours ago, FedeWar said:

If you don't have the key it's impossible to decrypt your files, most of the modern encryption methods are unbreakable thanks to math, if you try a brute force attack it will take quite some time (a few bilion years).

The only way is searching for the key in your pc or in your memory, but the success depends on the encryption algorithm used.

i tried brute force, it dint found the key. i do have jpg that came with the virus that shows the key. so how can i decript files when i have the key?

[FedeWar]

15 hours ago, CDMC said:

i tried brute force, it dint found the key. i do have jpg that came with the virus that shows the key. so how can i decript files when i have the key?

Google "decryption tools" and try them, there are some that work online. But I can't tell you which is the best.

[CDMC]

found a solution and it works. more info here http://support.kaspersky.com/viruses/disinfection/8547#block2

 

however you still need to have the original file. easy way to get it, see if you have something like movie or files that you downloaded from the internet and find that file again on the web, download it and it will work. i did the same, worked like a charm.

 

Note: if you for example use 1MB file, it will only decript files that are 1MB or less. so find a file that is big, for example a movie that is like 1.4GB or something, get the original copy and then decript. this way it will decript everything from 1.4GB and smaller.

 

This topic can be closed now.