ID Ransomware

Upload a ransom note and/or sample encrypted file to identify the ransomware that has encrypted your data.

Knowing is half the battle!
GI Joe

Dharma (.cezar Family)

This ransomware has no known way of decrypting data at this time.

It is recommended to backup your encrypted files, and hope for a solution in the future.

Identified by

ransomnote_email: [email protected]
sample_extension: .id-<id>.[<email>].santa
sample_bytes: [0xBE0 - 0xC20] 0x00000000020000000CFE7A410000000000000000000000002000000000000000
custom_rule: Original filename "keygpg.rar" after filemarker

Click here for more information about Dharma (.cezar Family)

Would you like to be notified if there is any development regarding this ransomware? Click here.

Ransomware Got Past Your Antivirus?

* This is an affiliate link, and I receive commission for purchases made. I do honestly recommend Emsisoft and their products even without this affiliation.

ID Ransomware

1 Result

Dharma (.cezar Family)

This ransomware has no known way of decrypting data at this time. It is recommended to backup your encrypted files, and hope for a solution in the future.

Click here for more information about Dharma (.cezar Family)

Ransomware Got Past Your Antivirus?

This ransomware has no known way of decrypting data at this time.

It is recommended to backup your encrypted files, and hope for a solution in the future.