TeslaCrypt Decryption Tool Logo
ZIP SHA256: 333897ae2d63e44717485eefec1e055b95eb7c202d3bdbed28e7fe281506864d

ZIP SHA256: 5ab2feaf8bf89d768c8f4fa01a7f0d1657655527db7a172bfca68375abb7077c

TeslaCrypt Decryption Tool

Talos has developed a decryption tool to aid users whose files have been encrypted by TeslaCrypt ransomware. The Talos TeslaCrypt Decryption Tool is an open source command line utility for decrypting TeslaCrypt encrypted files so users’ files can be returned to their original state.

TeslaCrypt malware encrypts the victim’s files such as photos, videos, documents, saved game files, and demands a ransom from the victim within a time limit. When the victim pays the ransom they can download a decryption key that will restore their files, otherwise the files are permanently lost.

Our decryption tool gives the victim the power to decrypt their files themselves, circumventing the ransomware.

Version 1.0 is able to decrypt all the files encrypted by all version of TeslaCrypt and AlphaCrypt:

  • TeslaCrypt 0.x - Encrypts files using an AES-256 CBC algorithm
  • AlphaCrypt 0.x - Encrypts files using AES-256 and encrypts the key with EC
  • TeslaCrypt 2.x - Same as previous versions, but uses EC to create a weak Recovery key. The application is able to use factorization to recover the victim's global private key.
  • TeslaCrypt 3 & 4 - The latest versions. Able to decrypt thanks to the C&C server EC private key which was recently released.

Improvements

This application contains a lot of improvements and modifications in respect to TeslaDecrypter 0.5. Here is a complete list:

  • Re-designed the decryption algorithm, now better handles big files and uses less memory
  • Added support for the Factorization algorithm (TeslaCrypt 2.x) able to reconstruct the victim's private key (written in plain C++) and 50 times faster than its Python counterpart
  • An algorithm able to manage and launch Msieve, and parse its log file
  • Added support for TeslaCrypt 3.x and 4.x
  • Added key verification algorithms (TeslaCrypt 2.x/3/4) - In this way the Decryptor can't produce invalid files
  • A powerful command line arguments
  • Imported leaked TeslaCrypt 3.x/4 C&C private key

Click here to learn more about the Talos TeslaCrypt Decryption Tool.

*Note – Encrypted files should be backed up before using this utility. This is a test tool which is not officially supported and the user assumes all liability for the use of the tool.