Author Topic: virus .harma  (Read 859 times)

0 Members and 1 Guest are viewing this topic.

Offline zidan4ek

  • Newbie
  • *
  • Posts: 4
virus .harma
« on: September 09, 2019, 03:03:28 PM »
Hey.
There is a virus .harma on my PC. Avast Free did not see him. And the files were encrypted.
If I have the source of the exe and tmp files of the virus, can this help you to develop a decryptor? There is also an encrypted file before encryption?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36694
Re: virus .harma
« Reply #1 on: September 09, 2019, 03:45:04 PM »

Offline zidan4ek

  • Newbie
  • *
  • Posts: 4
Re: virus .harma
« Reply #2 on: September 09, 2019, 08:41:59 PM »
I tried this, it didn’t help.
The question is, having the original virus, can it not be decrypted? Run it in a sandbox or virtual machine and learn?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36694
Re: virus .harma
« Reply #3 on: September 09, 2019, 08:54:28 PM »
The encryption code/key need to be cracked, and those who know how to do that (if possible) is found at the links i gave you

Use backup of your files, you have a Gmail account so you have free online backup at Gdrive and google photos


Encryption 101: a malware analyst’s primer
https://blog.malwarebytes.com/threat-analysis/2018/02/encryption-101-malware-analysts-primer/

Encryption 101: How to break encryption
https://blog.malwarebytes.com/threat-analysis/2018/03/encryption-101-how-to-break-encryption/





« Last Edit: September 09, 2019, 08:56:29 PM by Pondus »

Offline Юлия47

  • Newbie
  • *
  • Posts: 1
Re: virus .harma
« Reply #4 on: February 10, 2020, 08:53:35 AM »
Pondus, может я не туда смотрю? обаэти сайта отвечают что дешифровщик еще не придумали. покажи мне куда смотреть

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 65551
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: virus .harma
« Reply #5 on: February 10, 2020, 09:42:50 AM »
Please post English here, else use the forum section for your language.
-> https://forum.avast.com/index.php?board=21.0
Win 8.1 [x64] - Avast PremSec 20.6.2416.B#1 [UI.537] - CC 5.68 - EEK - FF ESR 68.10 [NS/AOS/uBO/PB] - TB 68.10 - SB/CP/SL/DU.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2775
  • Volunteer
Re: virus .harma
« Reply #6 on: February 10, 2020, 02:42:03 PM »
Pondus, может я не туда смотрю? обаэти сайта отвечают что дешифровщик еще не придумали. покажи мне куда смотреть

Расшифровщик еще не доступен для этого вымогателя.
*Volunteer*.
Tier I SOC Analyst; Threat Hunter; Digital Forensics (no cert); HTB Competitor; Pentester (no cert).

4th Year BCS Student.