ttrifonov 0 Posted October 31, 2019 Share Posted October 31, 2019 Hello, Our client got infected with MedusaLocker Ransomware, someone uploaded on the desktop of windows machine a folder with files and some of them are the virus it's self. And now of the data is encrypted... but they managed to provide, a copy of some encrypted and clean files. I'm attaching them separately from the virus files. These zip files are with password or your AV may kill them, the password is : 123123 Be really careful with them! medusa ransomware and other files.zip Files one encrypted and one clean.zip Link to comment Share on other sites More sharing options...
Administrators Marcos 4,908 Posted October 31, 2019 Administrators Share Posted October 31, 2019 Files encrypted by Filecoder.MedusaLocker cannot be decrypted. Please provide also logs collected with ESET Log Collector from that machine. Link to comment Share on other sites More sharing options...
ttrifonov 0 Posted October 31, 2019 Author Share Posted October 31, 2019 Where was no active AV only Windows Defender. And there are no logs to export that can help or anything. Link to comment Share on other sites More sharing options...
itman 1,627 Posted October 31, 2019 Share Posted October 31, 2019 13 minutes ago, ttrifonov said: Where was no active AV only Windows Defender. And there are no logs to export that can help or anything. Do you have Eset installed on this network in any capacity? If not, you're in the wrong forum. You should be contacting Microsoft about this ransomware. Link to comment Share on other sites More sharing options...
Recommended Posts