Jump to content

Recommended Posts

Posted

My computer was attacked by  virus Filecoder.Magniber Trojan... and encrypted a lot of files such as ms office documents, excel, PDF, dbf files which I could not able to resolve the files. 

I am attached some encrypted files for your analysis and hope you can resolve the files shortly.

 

 

Posted

Do you use a an existing version of Eset?

Posted

I did check on internet and could not found and tools recover the encrypted files. Hope ESET can deploy the tools shorty.

Posted
10 hours ago, Alex TSK said:

I am using NOD32 version 4 on windows 7. 

You need to upgrade to the latest version of NOD32 which gives enhanced protections against ransomware. Additionally if you upgrade to Win 10, Eset will provided enhanced protection against script based malware. Note that many ransomware are delivered via scripts namely PowerShell ones.

  • Administrators
Posted

Unfortunately, files encrypted by Filecoder.Magniber cannot be decoded. As already suggested, uninstall v4 and install the latest version (home v.11.2.49 or Endpoint v7) for better protection. Also make sure to harden RDP (e.g. allow it only for internal connections and use VPN, use 2FA, etc.).

Posted
11 hours ago, Alex TSK said:

I did check on internet and could not found and tools recover the encrypted files. Hope ESET can deploy the tools shorty.

There is a decryptor tool for Magniber available at https://gist.github.com/evilsocket/b89df665e6d52446e3e353fc1cc44711

You will have to know the AES Key in order to use this tool to decrypt your files.

The full analysis of this threat can be found at https://blog.malwarebytes.com/threat-analysis/2017/10/magniber-ransomware-exclusively-for-south-koreans/

Posted

Hello Cousin Vinny,

Thanks for your information. Which language platform should I use for exec the codes and try?

Best Regards,

Alex

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...