Ransomware Decryption Tools Collection

Discussion in 'Other Security for Windows' started by BoraMurdar, May 9, 2016.

  1. BoraMurdar

    BoraMurdar Super Moderator
    Staff Member

    Aug 30, 2012
    5,780
    22,460
    Doctor of medicine
    Serbia
    Windows 10
    Emsisoft
    Official Website:
    https://malwaretips.com/
    Release Notes:
    https://malwaretips.com/threads/ransomware-decryption-tools-collection.59627/
    Build version:
    Point of this thread is posting every ransomware decryption tool you can find online. Of course from a trusted source.
    rsa_encrypt_decrypt.png

    Requirements
    Code:
    Product Name :
    What ransomware the tool is made for :
    Version Number (if possible) :
    Screenshot of the program (if available) :
    Download link (from developer site if possible) :

    Please do not post anti-ransomware tools and software that protects users from these malwares. Post tools that are made to decrypt already encrypted files on the victim's computer. Also, check if the tool is already posted, don't duplicate.

    Let us help people in trouble! Stop the ransom! :cool:
     
  2. BoraMurdar

    BoraMurdar Super Moderator
    Staff Member

    Aug 30, 2012
    5,780
    22,460
    Doctor of medicine
    Serbia
    Windows 10
    Emsisoft
    Product Name : JigSawDecrypter
    What ransomware the tool is made for : JigSaw ransomware, a nasty variant that does actually delete your files hourly.
    Version Number (if possible) : N/A
    Screenshot of the program (if available) :
    [​IMG]
    Download link (from developer site if possible) : https://download.bleepingcomputer.com/demonslay335/JigSawDecrypter.zip
     
    Niente, DJ Panda, davisd and 7 others like this.
  3. Captain Awesome

    Captain Awesome Level 19

    May 7, 2016
    900
    7,040
    Student
    India
    Windows 10
    Emsisoft
    #3 Captain Awesome, May 9, 2016
    Last edited: May 9, 2016
    Product Name :HydraCrypt and UmbreCrypt decrypter
    What ransomware the tool is made for :HydraCrypt and UmbreCrypt both families are closely related to the CrypBoss ransomware family
    Version Number (if possible) :N/A
    Screenshot of the program (if available) :
    [​IMG]
    Download link (from developer site if possible) :http://emsi.at/DecryptHydraCrypt
     
    Niente, DJ Panda, davisd and 7 others like this.
  4. Captain Awesome

    Captain Awesome Level 19

    May 7, 2016
    900
    7,040
    Student
    India
    Windows 10
    Emsisoft
    Product Name :RakhniDecryptor
    What ransomware the tool is made for :to unlock files with the .locked and .kraken extensions. These files are encrypted by Rakhni Ransomware.
    Version Number (if possible) :V.1.15.1.0
    Screenshot of the program (if available) :N/A
    Download link (from developer site if possible) :Utilities
     
    Niente, Jrs30, DJ Panda and 6 others like this.
  5. Captain Awesome

    Captain Awesome Level 19

    May 7, 2016
    900
    7,040
    Student
    India
    Windows 10
    Emsisoft
    Product Name :CryptXXX decryption tool
    What ransomware the tool is made for :CryptXXX Ransomware (.crypt extension)
    Version Number (if possible) :N/A
    Screenshot of the program (if available) :N/A
    Download link (from developer site if possible) :CryptXXX decryption tool
     
    Niente, Jrs30, DJ Panda and 5 others like this.
  6. Morvotron

    Morvotron New Member

    Mar 24, 2015
    279
    1,881
    Product Name : TeslaCrypt Decryption Tool
    What ransomware the tool is made for :TeslaCrypt Ransomware
    Screenshot of the program (if available) :N/A
    Download link (from developer site if possible) : TeslaCypt Decryption Tool
     
    Niente, Jrs30, DJ Panda and 3 others like this.
  7. Duotone

    Duotone Level 9

    Mar 17, 2016
    407
    2,517
    GEODETIC ENGINEER
    Philippines
    Windows 7
    Default-Deny
    Product Name : Emsisoft Decrypter
    What ransomware the tool is made for :
    • Nemucod
    • DMALocker2
    • HydraCrypt
    • DMALocker
    • CrypBoss
    • Gomasom
    • LeChiffre
    • Decrypter for KeyBTC
    • Radamant
    • CryptInfinite
    • PClock
    • CryptoDefense
    • Harasom.
    Screenshot of the program (if available) :N/A
    Download link (from developer site if possible) : Download a free Emsisoft Decrypter for the latest file encryption ransomware
     
    Niente, Jrs30, BoraMurdar and 4 others like this.
  8. frogboy

    frogboy Level 61
    Trusted

    Jun 9, 2013
    6,232
    64,815
    Heavy Duty Mechanic.
    Western Australia
    Windows 10
    Emsisoft
    upnorth and Jrs30 like this.
  9. marzametal

    marzametal Level 7

    Jun 10, 2014
    317
    467
    Carer
    Australia
    Windows 7
    My apologies for the amateur question, but this is the first time that my thoughts have entertained Ransomware.

    Is there any documentation out there that highlights how Ransomware works? For example, once executed, does it create a list of files on your system and then encrypts... or does it see a sector, encrypts it, and then repeats process? What processes does it use (cmd, conhost, rundll32, dllhost etc...)?

    What I hope to figure out is... if I, the user, am barred from modifying, copying, deleting, renaming a file on C:\Windows, Program Files x86 and x64, and it's subfolders because of "hardened settings (that can be undone by 4 clicks of a mouse)", then would an encrypter like a Ransomware be able to perform any mods? My tweaks are my own, and trying a "test" in a VM would defeat the purpose.

    I will spend some time on reading up on this soon... just thought I'd throw the question out there. Thanks for reading and any advice/feedback provided!
     
  10. BoraMurdar

    BoraMurdar Super Moderator
    Staff Member

    Aug 30, 2012
    5,780
    22,460
    Doctor of medicine
    Serbia
    Windows 10
    Emsisoft
    Niente, silversurfer, Jrs30 and 2 others like this.
Loading...