I was attacked by a version of nemesis firstname.lastname@example.org All my files are encrypted now. He asked me money in btc. Appreciate if you could help me with the decryption. Please, it' is a big damage for my work. Thank you
. Unfortunately, we cannot directly help you. Can you provide us with a ransom note (like "DECRYPT_FILES.txt
" or similar) and what extension your locked files have?
This seems to be a new variant of Nemesis
as I don't recognize the email address and cannot find it anywhere. Also what does the ransomware note look like:
In any case, you should try the decryptor programs provided by EMSIsoft
:CryptON (Nemesis) : https://decrypter.emsisoft.com/crypton
Nemesis ransomware family (Cry128) : https://decrypter.emsisoft.com/cry128
Although your variant might be newer and not added to the decryptors, you should backup your files and after that test both of them.
In case the decryptor tools do not work, you should check out this article:How to Restore Files Encrypted by Ransomware (Without Decrypter)
I hope that something works, but if this is a newer variant for Nemesis it might be coded in a different way, preventing known methods for decryption. Whatever the results are, we at SensorsTechForum expect your answer.