This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hello all. New to this program. In my research dealing with this infection, I've read that Wireshark can sometimes be used to pull the decryption key. I need to decrypt files locked by this. Can anyone tell me how to go about trying this? Thanks

asked 14 Jul '15, 11:26

Raven's gravatar image

Raven
6112
accept rate: 0%


I would just wipe your computer and restore your files from backup. New ransomware has encrypted communications, and the decrypt keys reside on the attacker's server, only to be sent if paid.

permanent link

answered 15 Jul '15, 12:00

zer0day's gravatar image

zer0day
217811
accept rate: 60%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×165
×26
×21
×14
×1

question asked: 14 Jul '15, 11:26

question was seen: 1,379 times

last updated: 15 Jul '15, 12:00

p​o​w​e​r​e​d by O​S​Q​A