Friday, June 14, 2013

The case of Win32.Filecoder Ransomware

Few days ago i have got a computer that was infected with Win32\Filecoder.NAG, this nasty ransomware has encrypted the user files and presented the following message to the user:

So basically in order to get your files back you should pay 300$.

I have done a little bit of reverse engineering of this ransomware in order to try to find a way to get the key without paying the ransom.