图片展示

成功处理.locked勒索病毒解密

发表时间: 2022-03-28 14:55:23

浏览:

注意:本篇为早期locked介绍,

2022年8月28日后爆发的.locked勒索病毒问题,请移步这里了解详情:https://www.grit.com.cn/Ransomware/locked



近日深圳一家科技公司服务器感染.locked勒索病毒,服务器上部署的OA系统,除C盘外所有文件被加密成.locked扩展名。


提取到READ_ME.html文档,内容如下:

I am so sorry ! All your files have been encryptd by RSA-1024 and AES-256 due to a computer security problems.

If you think your data is very important .The only way to decrypt your file is to buy my decrytion tool .

else you can delete your encrypted data or reinstall your system.


Your personid :

***********************************************************************************************=



Decrytion do as follows:

1. if you not own bitcoin,you can buy it online on some websites. like https://localbitcoins.net/ or https://www.coinbase.com/ .

2. send 0.1 btc to my wallet address **************************

3. send your btc transfer screenshots and your persionid to my email service@goodluckday.xyz . i will send you decrytion tool.



Tips:

1.don't rename your file

2.you can try some software to decrytion . but finally you will kown it's vain .

3.if any way can't to contact to me .you can try send me bitcoin and paste your email in the transfer information. i will contact you and send you decrytion tools.


Anything you want to help . please send mail to my email service@goodluckday.xyz.

Have a nice day .

经过国瑞安全紧急处理,成功解密被加密文件和数据库,客户及时恢复了生产工作,将损失降到最低程度。

需注意的是,此类型并非早期lock或locky勒索病毒家族,加密机制及解密方法均与lock或locky不相同。




24小时应急响应热线:15021662155 / 15611033457

成功处理.locked勒索病毒解密
近日深圳一家科技公司服务器感染.locked勒索病毒,服务器上部署的OA系统,除C盘外所有文件被加密成.locked扩展名。提取到READ_ME.html文档,service@goodluckday*
长按图片保存/分享
1
资讯分类
近期爆发

—— 联系我们    Contact Us ——

24小时应急响应电话:15021662155 (微信同号)

 serve@grit.com.cn

样本提交 2012 - 2020 Copyright © 国瑞IT安全服务中心 沪ICP备09036178号 

添加微信好友,详细了解产品
使用企业微信
“扫一扫”加入群聊
复制成功
添加微信好友,详细了解产品
我知道了