Ransomware & Entropy: Your Turn

A couple of people expressed interest in the ransomed files I recovered in my last diary entry.

I can not release those files, but I did create a similar file: ransomed-file.bin.

If you want to try to recover the picture in ransomed-file.bin, be aware that I released a new version of my byte-stats tool: byte-stats-V0_0_2.zip. It can find simple sequences and contains a man page now: run byte-stats.py -m to display the man page.

And if you manage to recover the jpeg file: let me know what you think this picture is ;-)


Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com
IT Security consultant at Contraste Europe.


677 Posts
ISC Handler
Oct 31st 2015
Looks like a thermal image of a laptop to me. 39C is pretty hot too (the highest temp, not the one shown, 37.4).

Tricky how you made it look more random and forced me to use -s. Had I not known this was a jpeg, I might have given up without trying -s. Oh well, that's call learning.

Sign Up for Free or Log In to start participating in the conversation!