1. upnorth

    upnorth Level 11

    Jul 27, 2015
    The Talos Security Intelligence and Research Group ( Talos ) reported in April 27, 2015 that they made a tool ( TeslaDecrypt ) that was able to decrypt the files encrypted by the TeslaCrypt ransomware. My question is...does this tool still work?

    The tool is old by now but I'm still curious so any member up for the challange and have time for it please feel free to test it and report back what happend.

    Threat Spotlight: TeslaCrypt – Decrypt It Yourself

    vrtadmin/TeslaDecrypt · GitHub

    Also seen a tool on bleepingcomputer.com that's supposed to be effective for the newer TeslaCrypt versions. TeslaDecoder.
    Rishi, harlan4096, frogboy and 2 others like this.
  2. LabZero

    LabZero Guest

    It would be good to test this tool to see if it also works with new Tesla Crypt versions.

    Reading the article, it is evident that the infected system must necessarily still contains a file called key.dat.
    In this file, Tesla Crypt retains a variety of information used to encode files and It's essential to decoding task;

    key.dat file is stored inside the % appdata% Windows folder. In case the file was deleted or not present, the recovery of your encrypted files will not be possible, at least using Tesla Decrypt tool.

    So I think It's therefore need to know whether the new ransomware versions still use the same mentioned file and then proceed with test.
    Rishi and frogboy like this.
  3. Rituraj Borah

    Rituraj Borah New Member

    Feb 16, 2016
    I am having some problem with this maleware called Teslacrypt.. It encrypts many different files. The virus encrypts drives, network shares. It is affecting the one network drive it connects to.
    Rishi and upnorth like this.
  4. hjlbx

    hjlbx Guest

    Open thread about your infection here: Malware Removal Assistance

    You will receive malware removal assistance from @TwinHeadedEagle .

    NOTE: The process of online assisted malware removal takes time - up to a few days.

    It requires persistence and patience, but the reward is a disinfected system.
    Rishi likes this.
  5. upnorth

    upnorth Level 11

    Jul 27, 2015
    Rishi, silversurfer and Der.Reisende like this.
Similar Threads Forum Date
Malware Alert Crysis Ransomware Appears Out of Thin Air to Take TeslaCrypt's Place News Archive Jun 10, 2016
Beyond TeslaCrypt: Crysis family lays claim to parts of its territory News Archive Jun 7, 2016
SOLVED Malware removal help (possibly teslacrypt) Malware Removal Assistance For Windows May 22, 2016