Be notified of new releases
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 28 million developers.Sign up
Decryption tool for TeslaCrypt ransomware. For details, please visit http://blogs.cisco.com/talos/teslacrypt
An application able to decrypt all the files encrypted by all version of TeslaCrypt and AlphaCrypt:
- TeslaCrypt 0.x - Encrypts files using an AES-256 CBC algorithm
- AlphaCrypt 0.x - Encrypts files using AES-256 and encrypts the key with EC
- TeslaCrypt 2.x - Same as previous versions, but uses EC to create a weak Recovery key. The application is able to use factorization to recover the victim's global private key.
- TeslaCrypt 3 & 4 - The latest versions. Able to decrypt thanks to the C&C server EC private key which was recently released.
This application contains a lot of improvements and modifications in respect to TeslaDecrypter 0.5. Here is a complete list:
- Re-designed the decryption algorithm (now it properly deals with big files and uses less memory)
- Added support for the Factorization algorithm (TeslaCrypt 2.x) able to reconstruct the victim's private key (Yes, written in plain C++ :-) and 50 times faster than its Python counterpart)
- An algorithm able to manage and launch Msieve, and parse its log file
- Added support for TeslaCrypt 3.x and 4.x
- Added key verification algorithms (TeslaCrypt 2.x/3/4) - In this way the Decryptor can't produce invalid files
- A powerful command line arguments
- Imported leaked TeslaCrypt 3.x/4 C&C private key