No description or website provided.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


This tool scans files that may have been encrypted by CryptoLocker and checks for known content headers to determine if the file contents appear valid or if you need to perform additional research / backup restores.

As of December 2013 we are making the source code to this tool public, with an MIT license, for others to extend as they see fit. Please feel free to submit pull requests for additions or revisions to this code.


A binary download is also available at


In the aftermath of a nasty CryptoLocker infection we very quickly created this tool for internal use. This happened within 3 hours after determining that the target infection affected thousands of files across a multitude of subdirectories. After a basic clean up and adding a progress bar we made the original binary available on October 25th 2013.