Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time
June 8, 2016 16:27
April 30, 2015 16:38
June 8, 2016 16:27
June 8, 2016 16:27
June 8, 2016 16:27
June 8, 2016 16:27

Talos Universal TeslaDecrypter

Version 1.0
An application able to decrypt all the files encrypted by all version of TeslaCrypt and AlphaCrypt:
  • TeslaCrypt 0.x - Encrypts files using an AES-256 CBC algorithm
  • AlphaCrypt 0.x - Encrypts files using AES-256 and encrypts the key with EC
  • TeslaCrypt 2.x - Same as before, but uses EC to create a weak Recovery key. The application is able to use factorization to recover the victim's global private key.
  • TeslaCrypt 3 & 4 - The last ultimate versions. We are able to decrypt their files because we have sink-holed the C&C server EC private key.

To proper compile the code you should have OpenSsl installed in a particular root directory (like "C:\OpenSsl"), and an environment variable named "openssldir" that points to it.
You can find an handy pre-compiled OpenSsl package here:
The code has been tested with 2 environments: Visual Studio 2008 and Visual Studio 2015.
To proper allow the factorization to run, you should add 2 Msieve files inside the compiled application path:
  • msieve152.exe
  • pthreadGC2.dll
Those files have been already included in this repository. You can find a copy of Msieve here:

This application contains a lot of improvements and modifications in respect to TeslaDecrypter 0.2. Here is a complete list:
  • Re-designed the decryption algorithm (now it properly deals with big files and uses less memory)
  • Added support for the Factorization algorithm (TeslaCrypt 2.x) able to reconstruct the victim's private key (Yes, written in plain C++ :-) and 50 times faster than its Python counterpart)
  • An algorithm able to manage and launch Msieve, and parse its log file
  • Added support for TeslaCrypt 3.x and 4.x
  • Added key verification algorithms (TeslaCrypt 2.x/3/4) - In this way the Decryptor can't produce invalid files
  • A powerful command line arguments
  • Imported leaked TeslaCrypt 3.x/4 C&C private key

Last revision: 05/31/2016