Jump to content

Recommended Posts

Posted

Hi team one of my server was infected with ramsomware wallyredd@aol.com extension phoenix. Do you know the best tool or the way to delete and decrypt the files.

IMG-aol.thumb.jpg.f00b7fe43fd56a0d7c635a0d7247407f.jpg

The version is ESET remote administration version 6.5

Thanks.

  • Administrators
Posted

Please attach the ransomware note here.

Posted

Phoenix Ransomware Description

When the Phoenix Ransomware was first mentioned amongst security researchers, the Trojan was still in development. Researchers found the threat while digging in reports submitted to the Google's VirusTotal platform and going on the Dark Web. Samples recovered from reports provided threat investigators with the executable to analyze, and they reveal interesting facts. The Phoenix Ransomware appears to be in development at the time of writing this. However, the Phoenix Ransomware is compact in size and can be deployed with spam emails as a file with a double extension, which may pass as a simple invoice easily.

https://www.enigmasoftware.com/phoenixransomware-removal/

https://www.pcrisk.com/removal-guides/10829-phoenix-ransomware

 

File infected.rar

Posted

Hi team, 

Do you have any answer?

Thanks.

  • Administrators
Posted
21 minutes ago, Juan said:

Do you have any answer?

Unfortunately, you attached encrypted files, not the ransomware note that I asked for.

Posted

Hi team,
thanks for the help, we managed to get a backup and installed everything new.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...