Skip to content

SpiderLabs/BlackByteDecryptor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

BlackByteDecryptor

BlackByteDecryptor

 
 

build

build

 
 

sample

sample

 
 

AUTHORS

AUTHORS

 
 

BlackByteDecryptor.sln

BlackByteDecryptor.sln

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

forest.png

forest.png

 
 

Repository files navigation

BlackByteDecryptor

This is a decryptor for the ransomware BlackByte. The key is stored in a file called forest.png, which was downloaded from http[:]//45.9.148.114/forest.png

Requirements

This requires .NET core 3.1 runtime which you can download from here: https://dotnet.microsoft.com/download/dotnet/3.1

Decrypting an encrypted file

> BlackByteDecryptor forest.png spider.png.blackbyte

Decrypting a directory

> BlackByteDecryptor forest.png c:\temp

This will decrypt files in the c:\temp directory, or to recursively decrypt a directory:

> BlackByteDecryptor forest.png c:\temp -r

Pre-built binary

We suggest building the source yourself, but if you prefer a pre-built binary, you can download it here. We have also provided a sample encrypted file called spider.png.blackbyte.

Write up and analysis

BlackByte Ransomware – Pt. 1 In-depth Analysis

BlackByte Ransomware – Pt 2. Code Obfuscation Analysis

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

58 stars

Watchers

9 watching

Forks

20 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages