Author Topic: virus .harma  (Read 2913 times)

0 Members and 1 Guest are viewing this topic.

Offline zidan4ek

  • Newbie
  • *
  • Posts: 4
virus .harma
« on: September 09, 2019, 03:03:28 PM »
Hey.
There is a virus .harma on my PC. Avast Free did not see him. And the files were encrypted.
If I have the source of the exe and tmp files of the virus, can this help you to develop a decryptor? There is also an encrypted file before encryption?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: virus .harma
« Reply #1 on: September 09, 2019, 03:45:04 PM »

Offline zidan4ek

  • Newbie
  • *
  • Posts: 4
Re: virus .harma
« Reply #2 on: September 09, 2019, 08:41:59 PM »
I tried this, it didn’t help.
The question is, having the original virus, can it not be decrypted? Run it in a sandbox or virtual machine and learn?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: virus .harma
« Reply #3 on: September 09, 2019, 08:54:28 PM »
The encryption code/key need to be cracked, and those who know how to do that (if possible) is found at the links i gave you

Use backup of your files, you have a Gmail account so you have free online backup at Gdrive and google photos


Encryption 101: a malware analyst’s primer
https://blog.malwarebytes.com/threat-analysis/2018/02/encryption-101-malware-analysts-primer/

Encryption 101: How to break encryption
https://blog.malwarebytes.com/threat-analysis/2018/03/encryption-101-how-to-break-encryption/





« Last Edit: September 09, 2019, 08:56:29 PM by Pondus »

Offline Юлия47

  • Newbie
  • *
  • Posts: 1
Re: virus .harma
« Reply #4 on: February 10, 2020, 08:53:35 AM »
Pondus, может я не туда смотрю? обаэти сайта отвечают что дешифровщик еще не придумали. покажи мне куда смотреть

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: virus .harma
« Reply #5 on: February 10, 2020, 09:42:50 AM »
Please post English here, else use the forum section for your language.
-> https://forum.avast.com/index.php?board=21.0
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
Re: virus .harma
« Reply #6 on: February 10, 2020, 02:42:03 PM »
Pondus, может я не туда смотрю? обаэти сайта отвечают что дешифровщик еще не придумали. покажи мне куда смотреть

Расшифровщик еще не доступен для этого вымогателя.
VOLUNTEER

Senior Security Analyst; Sys Admin (Linux); Forensics/Incident Response.

Security is a mindset, not an application. Think BEFORE you click.