Jump to content
rdio

Ransomware Dharma (.cezar Family)

Recommended Posts

Hello everyone,

Recently my Windows Server 2008 R2 server (with updates in day) was attacked by a Ransomware. Detail, the RDP port was opened for external access, I believe that this was used to the attack.

In addition to having damaged Windows, because it does not start any more, giving logon screen error (initialization failure of the interactive logon process ....), it encrypted my files.

The files was crypt and renamed to:
.id-D45F933F.[buydecrypt@qq.com].bip

After a long searching and tips from friends, I was able to identify which Ransomware it was, through https://id-ransomware.malwarehunterteam.com.

According to the site, it is Ransomware Dharma (.cezar Family), but what I think strange is the extension of the files are finished with .bip and not .cezar.

Well, I've tried everything to decrypt the files and no success, I sent sample files to Dr. Web and they informed me that they can´t decrypt.

So I come to ask for help for you, if anyone knows how to decrypt this type of Ransomware please help me.

Best Regards
Robson

Share this post


Link to post

helpppppppp......Good morning friend, I have a problem with a .bip ransomware and I need to decipher the files by chance have you managed to recover the information?

Share this post


Link to post

I have not got anything yet.

I am trying to recover the files with these companies specialized in file recovery. But I have not had any response from them yet.

If someone finds a solution please post, if I find something I'll post it too

Good luck

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.