Upload a ransom note and/or sample encrypted file to identify the ransomware that has encrypted your data.
Knowing is half the battle!
Dharma (.cezar Family)
This ransomware has no known way of decrypting data at this time.
It is recommended to backup your encrypted files, and hope for a solution in the future.
- ransomnote_email: [email protected]
- sample_extension: .id-<id>.[<email>].santa
- sample_bytes: [0xBE0 - 0xC20] 0x00000000020000000CFE7A410000000000000000000000002000000000000000
- custom_rule: Original filename "keygpg.rar" after filemarker
Would you like to be notified if there is any development regarding this ransomware? Click here.