0

I have file with extension *.encrypted. Can you give me some advice how to recognise by witch tool was this file encrypted? It´s not encrypted by some ransomware but by some encrypt tool. When I open the file using a notepad, I can see this: M%Ý~ÝÀ©üŒ]ÏùfB€d€N¯à’ßÌ•¤Ü]ñåo

schroeder
  • 123,438
  • 55
  • 284
  • 319
Brian
  • 1
  • Any private and custom encryption tool can generate `*.encrypted` file as output. I personally have created a custom file encryptor which uses AES and generates `*.exe.encrypted` as output. So it isn't necessarily an public and famous tool. – 0_o Nov 13 '18 at 09:34
  • this is a duplicate of: https://security.stackexchange.com/questions/197541/encrypted-file-i-need-decrypt-it – schroeder Nov 13 '18 at 19:51
  • Asking what application is the wrong approach, you should be asking what is the algorithm used. Likely they used some form of standard encryption, though it is possible it is a homegrown algorithm. It is your task to analyze the file (as binary, not text), and reverse engineer it. What you're asking is not a trivial task. – Jarrod Christman Nov 13 '18 at 21:31

1 Answers1

3

Unless the application encryption sticks "something" (header, a magic token, etc...) on the header in general it is not possible to know which was the application that makes the encryption.

Sjoerd
  • 28,707
  • 12
  • 74
  • 102
camp0
  • 2,172
  • 1
  • 10
  • 10