|
A couple of people expressed interest in the ransomed files I recovered in my last diary entry. I can not release those files, but I did create a similar file: ransomed-file.bin. If you want to try to recover the picture in ransomed-file.bin, be aware that I released a new version of my byte-stats tool: byte-stats-V0_0_2.zip. It can find simple sequences and contains a man page now: run byte-stats.py -m to display the man page. And if you manage to recover the jpeg file: let me know what you think this picture is ;-)
Didier Stevens |
DidierStevens 649 Posts ISC Handler Oct 31st 2015 |
| Thread locked Subscribe |
Oct 31st 2015 6 years ago |
|
Looks like a thermal image of a laptop to me. 39C is pretty hot too (the highest temp, not the one shown, 37.4).
Tricky how you made it look more random and forced me to use -s. Had I not known this was a jpeg, I might have given up without trying -s. Oh well, that's call learning. |
Anonymous |
| Quote |
Nov 2nd 2015 6 years ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
