Unresolved [Help] Request for help decrypting and recovering from ransomware
Posted: 2020-3-9 13:47

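Today my computer was hit by ransomware, and I don't know how it happened. Below is the ransom message from the author, and the sample is attached. I'm asking the experts on the forum to help analyze it and see whether a decryption program can be written to recover the files on my machine.
Please do not open the virus sample casually. When analyzing it, work in a virtual machine: take a snapshot first, then open it. Huorong can detect and remove the virus, but it cannot repair the encrypted files.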

Virus download link: https://www.lanzous.com/ia2vt7e
The attachment has been uploaded.

---=== Welcome. Again. ===---

[+] Whats Happen? [+]

Your files are encrypted, and currently unavailable. You can check it: all files on your computer has extension 3a3ku.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).

[+] What guarantees? [+]

Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.

[+] How to get access on website? [+]

You have two ways:

1) [Recommended] Using a TOR browser!
  a) Download and install TOR browser from this site: https://torproject.org/
  b) Open our website: http://aplebzu47wgazapdqks6vrcv6 ... on/5DC7E3188439533C

2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
  a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
  b) Open our secondary website: http://decryptor.cc/5DC7E3188439533C

Warning: secondary website can be blocked, thats why first variant much better and more available.

When you open our website, put the following data in the input form:
Key:



Extension name:

3a3ku

-----------------------------------------------------------------------------------------

!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!

Latest replies (2)
Sodinokibi ransomware variant
2020-3-10 10:23
jishuzhain: Sodinokibi ransomware variant
Apart from the author's decryption tool, is there any way to recover? Is there any expert who can decrypt it?
2020-3-10 14:06