Ransomware & Entropy: Your Turn
A couple of people expressed interest in the ransomed files I recovered in my last diary entry.
I can not release those files, but I did create a similar file: ransomed-file.bin.
If you want to try to recover the picture in ransomed-file.bin, be aware that I released a new version of my byte-stats tool: byte-stats-V0_0_2.zip. It can find simple sequences and contains a man page now: run byte-stats.py -m to display the man page.
And if you manage to recover the jpeg file: let me know what you think this picture is ;-)
Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com
IT Security consultant at Contraste Europe.
Keywords: Ransomware
1 comment(s)
×
Diary Archives
Comments
Tricky how you made it look more random and forced me to use -s. Had I not known this was a jpeg, I might have given up without trying -s. Oh well, that's call learning.
Anonymous
Nov 2nd 2015
8 years ago