Hello everyone, I could use some help from the hacking community to reverse engineer a decryptor tool for a newly discovered ransomware called SECLES. Recently, I became a victim of SECLES ransomware. Thankfully, a fellow Reddit user paid the ransom and shared their encrypted files along with the decryption key. Now, I have been trying to understand the inner workings of the decryptor tool. While attempting to reverse engineer the decryptor using Ghidra, I encountered some challenges as this is my first dive into reverse engineering. Any guidance or expertise would be greatly appreciated. I've uploaded a zip file to Megaupload containing: https://mega.nz/file/ce010I5I#vJBshUBT-mQzLOmD67mFJ5js7VPEP-x3NluECddkiqU Encrypted test files provided by the user (they can be decrypted with the provided key) The C:\Secles folder (required by the decryptor) The decryption key file Additionally, I've included a link to one of my files with a different ID, which cannot be decrypted with the provided key. https://mega.nz/file/YPNjkSrL#_oRjAQP7rITRZ3WOOmgi3oOdqBDNK_5hovBQtd7cLPs I have so far taking some precautions for safety: Access to these files has been limited to a secure environment, isolated from the internet and my home network. Prior to uploading, all files were scanned with VirusTotal. The decryptor tool was flagged as malicious. If anyone in the community has experience in reverse engineering or insights into decrypting files, your assistance would be invaluable. Thank you! [link] [comments] |
from hacking: security in practice https://ift.tt/neKg5r2
Comments
Post a Comment