Kaspersky Rakhni Decryptor Ransomware Decryptor Download

Rakhni Decryptor is a general purpose ransomware decryptor created by Kaspersky Labs.

Instead of creating a separate decryptor for each ransomware infection, they created on decryptor that can handle a variety of different families.

Download Rakhni Decryptor

Currently Rakhni Decryptor can decrypt the following ransomware families:

Trojan-Ransom.Win32.Rakhni, Trojan-Ransom.Win32.Agent.iih, Trojan-Ransom.Win32.Aura, Trojan-Ransom.Win32.Autoit, Trojan-Ransom.AndroidOS.Pletor, Trojan-Ransom.Win32.Rotor, Trojan-Ransom.Win32.Lamer, Trojan-Ransom.MSIL.Lortok, Trojan-Ransom.Win32.Cryptokluchen, Trojan-Ransom.Win32.Democry, Trojan-Ransom.Win32.Bitman version 3 and 4, Trojan-Ransom.Win32.Libra, Trojan-Ransom.MSIL.Lobzik, Trojan-Ransom.Win32.Chimera, Trojan-Ransom.Win32.Mircop, and Trojan-Ransom.Win32.Crusis

Of these families, Rakhni Decryptor can decrypt files that have their filenames encrypted and renamed to the one of the following formats:

MISC RANSOMWARE:

<filename>.<original_extension>_crypt

<filename>.crypt@india.com.random_characters>

Trojan-Ransom.Win32.Democry:

<file_name>.<original_extension>+<._date-time_$address@domain$.777>

<file_name>.<original_extension>+<._date-time_$address@domain$.legion>

Trojan-Ransom.Win32.Bitman version 3:

<file_name>.<xxx>

<file_name>.<ttt>

<file_name>.<micro>

<file_name>.<mp3>

Trojan-Ransom.Win32.Bitman version 4:

<file_name>.<original_extension> (name and extension are not changed)

Trojan-Ransom.Win32.Libra:

<file_name>.<encrypted>

<file_name>.<locked>

<file_name>.<SecureCrypted>

Trojan-Ransom.MSIL.Lobzik:

<file_name>.<fun>

<file_name>.<gws>

<file_name>.<btc>

<file_name>.<AFD>

<file_name>.<porno>

<file_name>.<pornoransom>

<file_name>.<epic>

<file_name>.<encrypted>

<file_name>.<J>

<file_name>.<payransom>

<file_name>.<paybtcs>

<file_name>.<paymds>

<file_name>.<paymrss>

<file_name>.<paymrts>

<file_name>.<paymst>

<file_name>.<paymts>

<file_name>.<payrms>

TROJAN-RANSOM.WIN32.MIRCOP:

Lock.file_name.original extension

TROJAN-RANSOM.WIN32.CRUSIS:

.ID<…>.@..xtbl

.ID<…>.@..CrySiS

.id-<…>.@..xtbl

.id-<…>.@..CrySiS

DHARMA RANSOMWARE:

.[3angle@india.com].dharma

.[amagnus@india.com].dharma

.[base_optimal@india.com].dharma

.[bitcoin143@india.com].dharma

.[blackeyes@india.com].dharma

.[doctor.crystal@mail.com].dharma

.[dr_crystal@india.com].dharma

.[emmacherry@india.com].dharma

.[google_plex@163.com].dharma

.[mr_lock@mail.com].dharma

.[opened@india.com].dharma

.[oron@india.com].dharma

.[payforhelp@india.com].dharma

.[savedata@india.com].dharma

.[singular@india.com].dharma

.[suppforhelp@india.com].dharma

.[SupportForYou@india.com].dharma

.[tombit@india.com].dharma

.[worm01@india.com].dharma

Mously Academy

Kaspersky Rakhni Decryptor Ransomware Decryptor Download

Default