Upload a ransom note and/or sample encrypted file to identify the ransomware that has encrypted your data.
Knowing is half the battle!
Dharma (.cezar Family)
This ransomware has no known way of decrypting data at this time.
It is recommended to backup your encrypted files, and hope for a solution in the future.
- sample_extension: .id-<id>.[<email>].PLUT
- sample_bytes: [0x75A0 - 0x75E0] 0x00000000020000000CFE7A410000000000000000000000002000000000000000
- custom_rule: Original filename "customer support survey.xlsx" after filemarker
Would you like to be notified if there is any development regarding this ransomware? Click here.