Author Topic: virus .harma  (Read 331 times)

0 Members and 1 Guest are viewing this topic.

Offline zidan4ek

  • Newbie
  • *
  • Posts: 4
virus .harma
« on: September 09, 2019, 03:03:28 PM »
Hey.
There is a virus .harma on my PC. Avast Free did not see him. And the files were encrypted.
If I have the source of the exe and tmp files of the virus, can this help you to develop a decryptor? There is also an encrypted file before encryption?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36327
  • Weihrauch Airguns
Re: virus .harma
« Reply #1 on: September 09, 2019, 03:45:04 PM »

Offline zidan4ek

  • Newbie
  • *
  • Posts: 4
Re: virus .harma
« Reply #2 on: September 09, 2019, 08:41:59 PM »
I tried this, it didn’t help.
The question is, having the original virus, can it not be decrypted? Run it in a sandbox or virtual machine and learn?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36327
  • Weihrauch Airguns
Re: virus .harma
« Reply #3 on: September 09, 2019, 08:54:28 PM »
The encryption code/key need to be cracked, and those who know how to do that (if possible) is found at the links i gave you

Use backup of your files, you have a Gmail account so you have free online backup at Gdrive and google photos


Encryption 101: a malware analyst’s primer
https://blog.malwarebytes.com/threat-analysis/2018/02/encryption-101-malware-analysts-primer/

Encryption 101: How to break encryption
https://blog.malwarebytes.com/threat-analysis/2018/03/encryption-101-how-to-break-encryption/





« Last Edit: September 09, 2019, 08:56:29 PM by Pondus »