rivitna / Malware

MIT License

rmallox #10

Closed ppvidi closed 2 months ago

ppvidi commented 2 months ago

Hello, I have become a victim of the "corporate" version of Mallox. My files are encrypted and have *.rmallox added. Can you help me with decrypting one file?

rivitna commented 2 months ago

Hello! rmallox is a new version of Mallox. I can't decrypt rmallox files. If you have a ransomware sample, I can tell you for sure about the possibility of decryption.

ppvidi commented 2 months ago

Thanks for your quick response. The sample is attached. I had to change the file type from *.i01.rmallox to txt. Polned.txt

ppvidi commented 2 months ago

Hello,

I just sent you the encrypted file without changing the extension. See attachment.

From: Andrey Zhdanov @.>
Sent: Saturday, April 20, 2024 12:41 AM
To: rivitna/Malware @.>
Cc: ppvidi @.>; Author @.>
Subject: Re: [rivitna/Malware] rmallox (Issue #10)

Hello! rmallox is a new version of Mallox. I can't decrypt rmallox files. If you have a ransomware sample, I can tell you for sure about the possibility of decryption.


rivitna commented 2 months ago

Unfortunately, I can't decrypt the rmallox files.