Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-02-07SentinelOneAntonis Terefos
@online{terefos:20230207:cl0p:dfa5c77, author = {Antonis Terefos}, title = {{Cl0p Ransomware Targets Linux Systems with Flawed Encryption | Decryptor Available}}, date = {2023-02-07}, organization = {SentinelOne}, url = {https://www.sentinelone.com/labs/cl0p-ransomware-targets-linux-systems-with-flawed-encryption-decryptor-available/}, language = {English}, urldate = {2023-02-09} } Cl0p Ransomware Targets Linux Systems with Flawed Encryption | Decryptor Available
Clop
2023-01-05Bleeping ComputerBill Toulas
@online{toulas:20230105:bitdefender:dc76b2a, author = {Bill Toulas}, title = {{Bitdefender releases free MegaCortex ransomware decryptor}}, date = {2023-01-05}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/bitdefender-releases-free-megacortex-ransomware-decryptor/}, language = {English}, urldate = {2023-01-06} } Bitdefender releases free MegaCortex ransomware decryptor
MegaCortex
2022-11-28Github (reecdeep)reecdeep
@online{reecdeep:20221128:hivev5:ddd645c, author = {reecdeep}, title = {{HiveV5 file decryptor PoC}}, date = {2022-11-28}, organization = {Github (reecdeep)}, url = {https://github.com/reecdeep/HiveV5_file_decryptor}, language = {English}, urldate = {2022-12-29} } HiveV5 file decryptor PoC
Hive Hive
2022-11-21Github (larsborn)Lars Wallenborn
@online{wallenborn:20221121:tofsee:8a0c345, author = {Lars Wallenborn}, title = {{Tofsee String Decryption Code}}, date = {2022-11-21}, organization = {Github (larsborn)}, url = {https://gist.github.com/larsborn/0ec24d7b294248c51de0c3335802cbd4}, language = {English}, urldate = {2022-11-25} } Tofsee String Decryption Code
Tofsee
2022-10-17Malversegreenplan
@online{greenplan:20221017:stack:5c74181, author = {greenplan}, title = {{Stack String Decryption with Ghidra Emulator (Orchard)}}, date = {2022-10-17}, organization = {Malverse}, url = {https://malverse.it/stack-string-decryptor-con-ghidra-emulator-orchard}, language = {Italian}, urldate = {2022-10-18} } Stack String Decryption with Ghidra Emulator (Orchard)
Orchard
2022-09-26K7 SecurityGaurav Yadav
@online{yadav:20220926:dcdcrypt:b3ac294, author = {Gaurav Yadav}, title = {{DcDcrypt Ransomware Decryptor}}, date = {2022-09-26}, organization = {K7 Security}, url = {https://labs.k7computing.com/index.php/dcdcrypt-ransomware-decryptor/}, language = {English}, urldate = {2022-09-30} } DcDcrypt Ransomware Decryptor
DcDcrypt
2022-07-13Palo Alto Networks Unit 42Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia, Siddhart Shibiraj
@online{navarrete:20220713:cobalt:dd907c3, author = {Chris Navarrete and Durgesh Sangvikar and Yu Fu and Yanhui Jia and Siddhart Shibiraj}, title = {{Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption}}, date = {2022-07-13}, organization = {Palo Alto Networks Unit 42}, url = {https://unit42.paloaltonetworks.com/cobalt-strike-metadata-encryption-decryption/}, language = {English}, urldate = {2022-07-15} } Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption
Cobalt Strike
2022-07-07EmsisoftEmsisoft
@online{emsisoft:20220707:astralocker:4fc94a1, author = {Emsisoft}, title = {{AstraLocker decryptor}}, date = {2022-07-07}, organization = {Emsisoft}, url = {https://www.emsisoft.com/ransomware-decryption-tools/astralocker}, language = {English}, urldate = {2022-07-12} } AstraLocker decryptor
AstraLocker
2022-07-04Bleeping ComputerSergiu Gatlan
@online{gatlan:20220704:astralocker:02fcfe5, author = {Sergiu Gatlan}, title = {{AstraLocker ransomware shuts down and releases decryptors}}, date = {2022-07-04}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/astralocker-ransomware-shuts-down-and-releases-decryptors/}, language = {English}, urldate = {2022-08-05} } AstraLocker ransomware shuts down and releases decryptors
AstraLocker
2022-06-09Bleeping ComputerLawrence Abrams
@online{abrams:20220609:roblox:19b3f09, author = {Lawrence Abrams}, title = {{Roblox Game Pass store used to sell ransomware decryptor}}, date = {2022-06-09}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/roblox-game-pass-store-used-to-sell-ransomware-decryptor/}, language = {English}, urldate = {2022-06-10} } Roblox Game Pass store used to sell ransomware decryptor
Chaos
2022-04-18Bleeping ComputerSergiu Gatlan
@online{gatlan:20220418:free:d6f6e7a, author = {Sergiu Gatlan}, title = {{Free decryptor released for Yanluowang ransomware victims}}, date = {2022-04-18}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-yanluowang-ransomware-victims/}, language = {English}, urldate = {2022-04-20} } Free decryptor released for Yanluowang ransomware victims
Yanluowang
2022-03-21Threat PostLisa Vaas
@online{vaas:20220321:conti:0b203c8, author = {Lisa Vaas}, title = {{Conti Ransomware V. 3, Including Decryptor, Leaked}}, date = {2022-03-21}, organization = {Threat Post}, url = {https://threatpost.com/conti-ransomware-v-3-including-decryptor-leaked/179006/}, language = {English}, urldate = {2022-03-22} } Conti Ransomware V. 3, Including Decryptor, Leaked
Cobalt Strike Conti TrickBot
2022-03-04Threat PostLisa Vaas
@online{vaas:20220304:free:60674b1, author = {Lisa Vaas}, title = {{Free HermeticRansom Ransomware Decryptor Released}}, date = {2022-03-04}, organization = {Threat Post}, url = {https://threatpost.com/free-hermeticransom-ransomware-decryptor-released/178762/}, language = {English}, urldate = {2022-03-07} } Free HermeticRansom Ransomware Decryptor Released
PartyTicket
2022-03-03Avast DecodedThreat Research Team
@online{team:20220303:help:d086921, author = {Threat Research Team}, title = {{Help for Ukraine: Free decryptor for HermeticRansom ransomware}}, date = {2022-03-03}, organization = {Avast Decoded}, url = {https://decoded.avast.io/threatresearch/help-for-ukraine-free-decryptor-for-hermeticransom-ransomware/}, language = {English}, urldate = {2022-03-03} } Help for Ukraine: Free decryptor for HermeticRansom ransomware
PartyTicket
2022-03-03Bleeping ComputerBill Toulas
@online{toulas:20220303:free:f5952fa, author = {Bill Toulas}, title = {{Free decryptor released for HermeticRansom victims in Ukraine}}, date = {2022-03-03}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-hermeticransom-victims-in-ukraine/}, language = {English}, urldate = {2022-03-04} } Free decryptor released for HermeticRansom victims in Ukraine
PartyTicket
2022-03-02ThreatpostLisa Vaas
@online{vaas:20220302:conti:ffc8271, author = {Lisa Vaas}, title = {{Conti Ransomware Decryptor, TrickBot Source Code Leaked}}, date = {2022-03-02}, organization = {Threatpost}, url = {https://threatpost.com/conti-ransomware-decryptor-trickbot-source-code-leaked/178727/}, language = {English}, urldate = {2022-03-07} } Conti Ransomware Decryptor, TrickBot Source Code Leaked
Conti TrickBot
2022-03-01CrowdStrikeCrowdStrike Intelligence Team
@online{team:20220301:decryptable:27c195e, author = {CrowdStrike Intelligence Team}, title = {{Decryptable PartyTicket Ransomware Reportedly Targeting Ukrainian Entities}}, date = {2022-03-01}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/how-to-decrypt-the-partyticket-ransomware-targeting-ukraine/}, language = {English}, urldate = {2022-03-07} } Decryptable PartyTicket Ransomware Reportedly Targeting Ukrainian Entities
PartyTicket
2022-03-01Github (usualsuspect)Johann Aydinbas
@online{aydinbas:20220301:python:1e7cf7b, author = {Johann Aydinbas}, title = {{Python script to decrypt embedded driver used in Daxin}}, date = {2022-03-01}, organization = {Github (usualsuspect)}, url = {https://gist.github.com/usualsuspect/839fbc54e0d76bb2626329cd94274cd6}, language = {English}, urldate = {2022-03-07} } Python script to decrypt embedded driver used in Daxin
Daxin
2022-02-24LIFARSVlad Pasca
@online{pasca:20220224:how:77b74bc, author = {Vlad Pasca}, title = {{How to Decrypt the Files Encrypted by the Hive Ransomware}}, date = {2022-02-24}, organization = {LIFARS}, url = {https://lifars.com/2022/02/how-to-decrypt-the-files-encrypted-by-the-hive-ransomware/}, language = {English}, urldate = {2022-03-01} } How to Decrypt the Files Encrypted by the Hive Ransomware
Hive Hive
2022-02-24kienmanowar Blogm4n0w4r, Tran Trung Kien
@online{m4n0w4r:20220224:quicknote:bea9238, author = {m4n0w4r and Tran Trung Kien}, title = {{[QuickNote] Techniques for decrypting BazarLoader strings}}, date = {2022-02-24}, organization = {kienmanowar Blog}, url = {https://kienmanowar.wordpress.com/2022/02/24/quicknote-techniques-for-decrypting-bazarloader-strings/}, language = {English}, urldate = {2022-03-01} } [QuickNote] Techniques for decrypting BazarLoader strings
BazarBackdoor