
New Dharma encryption?



I have encrypted files with the ending [amagnus00@gmx.org].wallet, is this a new version of the Dharma encrypter? Neither the Eset decrypter nor the RakhniDecrypter helped.
Attached is a .lnk file from the infected computer.
Is there something I can do?
Thank you.

[amagnus00@gmx.com].wallet.zip

Edited by WNDKK
typo
Link to comment

  • Administrators

Unfortunately, files encrypted by Filecoder.Crysis cannot be decrypted. Did you have ESET installed and all protection features enabled? If so, what product version was it?

Link to comment

  • Administrators

Do you use the server for browsing the web or reading email? Couldn't it be that files got encrypted in shared folders from an infected workstation? Do you have Endpoint v6 installed on all workstations, and is LiveGrid also enabled in EFSW?

Link to comment

Workstations are running macOS, and the purpose of the server was to run a Windows-only program that needed to be accessed by all employees via internal RDP. By company regulations, users aren't allowed to check emails or browse the web while connected to the server, but that is probably what happened anyhow.

Link to comment

  • Administrators

Not really. As you can see, Filecoder.Crysis is often run by an attacker who connects to a computer (often a server) via RDP:

https://www.bleepingcomputer.com/news/security/number-of-rdp-brute-force-attacks-spreading-crysis-ransomware-doubles-in-6-months/

Protecting ESET's settings with a password would prevent the attacker from disabling or uninstalling ESET; however, it's crucial to secure RDP in the first place.

Link to comment
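The RDP brute forcing described in the post above leaves a trace in the server's logon events. The following is an added example, not part of the thread and not ESET tooling: it scans constructed records of Windows Security events 4625 (failed logon) and 4624 (successful logon) for a burst of failures from one source that ends in a success. The CSV layout, function names, threshold and sample addresses are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not from the thread):
# time, event ID, logon type, source IP, account.
# 4625 = failed logon, 4624 = successful logon.
SAMPLE = """\
2017-05-02T03:10:01,4625,3,203.0.113.7,administrator
2017-05-02T03:10:03,4625,3,203.0.113.7,admin
2017-05-02T03:10:05,4625,3,203.0.113.7,backup
2017-05-02T03:10:08,4625,3,203.0.113.7,user1
2017-05-02T03:10:11,4625,3,203.0.113.7,administrator
2017-05-02T03:10:15,4624,10,203.0.113.7,administrator
2017-05-02T08:59:40,4625,10,192.0.2.21,jsmith
2017-05-02T09:00:02,4624,10,192.0.2.21,jsmith
"""

# RDP logons are type 10; with NLA enabled, failures are logged as type 3.
# Type 3 also covers other network logons, so this is a heuristic.
RDP_LOGON_TYPES = {"3", "10"}

def parse(text):
    """Yield (time, event_id, ip, user) for RDP-relevant logon records."""
    for line in text.strip().splitlines():
        ts, event_id, logon_type, ip, user = line.split(",")
        if logon_type in RDP_LOGON_TYPES:
            yield datetime.fromisoformat(ts), event_id, ip, user

def find_bruteforce(text, threshold=5, window=timedelta(minutes=5)):
    """Return {ip: {"failures": n, "compromised": [accounts]}} per noisy source."""
    failures = defaultdict(list)   # ip -> failure times inside the window
    findings = {}
    for ts, event_id, ip, user in sorted(parse(text)):
        failures[ip] = [t for t in failures[ip] if ts - t <= window]
        if event_id == "4625":
            failures[ip].append(ts)
        if len(failures[ip]) < threshold:
            continue               # a single mistyped password is not a finding
        entry = findings.setdefault(ip, {"failures": 0, "compromised": []})
        entry["failures"] = max(entry["failures"], len(failures[ip]))
        if event_id == "4624":
            # Success during a failure burst: the password was likely guessed.
            entry["compromised"].append(user)
    return findings

if __name__ == "__main__":
    for ip, info in find_bruteforce(SAMPLE).items():
        print(ip, info)
```

Any account listed under `compromised` should have its password reset and its sessions reviewed, and the source address shows where RDP is reachable from.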

It's a new Wallet ransomware strain: https://malwareless.com/remove-wallet-ransomware-virus/

You should upload an encrypted file to https://www.nomoreransom.org/crypto-sheriff.php and try to find a decryption tool. However, as far as I know, there is still no decryption solution for this type of ransomware.

Link to comment
