Trend Micro Ransomware File Decryptor Covers a Decent Number of Strains

While not perfect, this is a nice little tool to have in the toolbox just in case. I haven’t tried it personally, but it is said to decrypt files infected from the list below. Keep in mind there are some issues with certain strains, such as CryptXXX V3 and CERBER, so be sure to read the instructions and notes before proceeding. Hopefully you will never need this, but if you do, good luck.

The tool will attempt to decrypt files encrypted by:

  1. CryptXXX V1, V2, V3
  2. CryptXXX V4, V5
  3. Crysis
  4. DemoTool
  5. DXXD
  6. TeslaCrypt V1
  7. TeslaCrypt V2
  8. TeslaCrypt V3
  9. TeslaCrypt V4
  10. SNSLocker
  11. AutoLocky
  12. BadBlock
  13. 777
  14. XORIST
  15. Teamxrat/Xpan
  16. XORBAT
  17. CERBER V1
  18. Stampado
  19. Nemucod
  20. Chimera
  21. LECHIFFRE
  22. MirCop
  23. Jigsaw
  24. Globe/Purge
  25. V2:
  26. V3:

Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in InfoSec

Leave a Reply