ttrifonov 0 Posted October 31, 2019 Posted October 31, 2019 Hello, Our client got infected with MedusaLocker Ransomware, someone uploaded on the desktop of windows machine a folder with files and some of them are the virus it's self. And now of the data is encrypted... but they managed to provide, a copy of some encrypted and clean files. I'm attaching them separately from the virus files. These zip files are with password or your AV may kill them, the password is : 123123 Be really careful with them! medusa ransomware and other files.zip Files one encrypted and one clean.zip
Administrators Marcos 5,455 Posted October 31, 2019 Administrators Posted October 31, 2019 Files encrypted by Filecoder.MedusaLocker cannot be decrypted. Please provide also logs collected with ESET Log Collector from that machine.
ttrifonov 0 Posted October 31, 2019 Author Posted October 31, 2019 Where was no active AV only Windows Defender. And there are no logs to export that can help or anything.
itman 1,802 Posted October 31, 2019 Posted October 31, 2019 13 minutes ago, ttrifonov said: Where was no active AV only Windows Defender. And there are no logs to export that can help or anything. Do you have Eset installed on this network in any capacity? If not, you're in the wrong forum. You should be contacting Microsoft about this ransomware.
Recommended Posts