Skip to content
/ adwind-decryptor Public

Simple decrypter for Java AdWind, jRAT, jBifrost trojan

18 stars 14 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mhelwig/adwind-decryptor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
dist
dist
 
 
src/adwinddecryptor
src/adwinddecryptor
 
 
README.md
README.md
 
 

Repository files navigation

AdWind Decryptor

Simple decryptor for encrypted files in the AdWind/jRAT/jBifrost Java RAT.

Usage

usage: java -jar AdWindDecryptor
 -a,--aeskeyfile <arg>   AES key file path
 -i,--input <arg>        input file path
 -o,--output <arg>       decrypted output file path
 -r,--rsakeyfile <arg>   serialized RSA KeyRep file path

Example

java -jar AdWindDecryptor.jar -a mega.download -r sky.drive -i drop.box -o decrypted-file

WARNING

This decryptor unserializes an object that is part of the malware. Therefore, it is possible that the the decryptor could get hijacked by the malware. Only use in an isolated environment and with caution.

TODOs

  • Avoid unserializing the object

About

Simple decrypter for Java AdWind, jRAT, jBifrost trojan

Resources

Readme
Activity

Stars

18 stars

Watchers

5 watching

Forks

14 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages