Ransomware decryption tools – All the tools you need to get your files back [20+ decryption tools]

We have made a collection of ransomware decryption tools in order to help you with getting your files back. The ransomware decryption tools which have been listed here, have been collected from various online sources. Where it is possible – we will try to mention the source of the ransomware decryption tool.

There is just one important thing you need to keep in mind – there is no guarantee that the decryption tools that have been listed here will be able to get your files back. The ransomware environment is moving in a very fast pace which means that the tools that are listed here can be outdated in just a couple of days.

Locky ransomware decryption tools

The Locky family changes the extensions of the files with the .locky extention, this is a strong indicator that your device has become the victim of the Locky ransomware family.

Emsisoft Decrypter for AutoLocky

The guys from Emsisoft said the following about the Locky family:

AutoLocky is a new ransomware written in the popular scripting language AutoIt. It tries to imitate the complex and sophisticated Locky ransomware, but is nowhere near as complex and sophisticated, which makes decryption feasible.

Which means that there is a chance to getting your files back.

You can download the Emsisoft Decrypter for AutoLocky directly from the official Emsisoft website.

HydraCrypt and UmbreCrypt Ransomware

The HydraCrypt and UmbreCrypt is another ransomware family which is known for encryption various files on the infected device – another known item with this ransomware family is the fact that it changes the last 15bits of any encrypted file – which in order results in a damaged or corrupt file. If that has happened, you can use repair tools to repair the corrupted or damaged file – another method is to open and save the file again.

You can download the HydraCrypt and UmbreCrypt ransomware decrypter directly from Emsisoft.


The guys from FireEye and Fox-IT had published a website, which you could use to decrypt Cryptolocker locked files, but the site has been taken offline.

If you still have your hopes up, you can check if the Cryptolocker decryption site is online at:

Petya ransomware decryption tool

The Petya ransomware family is another ransomware which can be decrypted – the author of the Petya Ransomware decryption tool is currently active on Github and it is the same place where you can download the Petya Ransomware decryption tool for free.

Cyberwarzone ransomware decryption toolkit

We thought that it might be handy to create a package which contains all the decryption toolkits. The following toolkits have been included in the Cyberwarzone ransomware decryption toolkit:

  1. Decryption tool for Nemucod ransomware family
  2. Decryption tool for DMALocker2 ransomware family
  3. Decryption tool for HydraCrypt ransomware family
  4. Decryption tool for DMALocker ransomware family
  5. Decryption tool for CrypBoss ransomware family
  6. Decryption tool for Gomasom ransomware family
  7. Decryption tool for LeChiffre ransomware family
  8. Decryption tool for KeyBTC ransomware family
  9. Decryption tool for Radamant ransomware family
  10. Decryption tool for CryptInfinite ransomware family
  11. Decryption tool for PClock ransomware family
  12. Decryption tool for CryptoDefense ransomware family
  13. Decryption tool for Harasom ransomware family
  14. Decryption tool for the Petya ransomware family
  15. Decryption tool for the TeslaCrypt ransomware family
  16. Decryption tool for the Rector ransomware family
  17. Decryption tool for the Rakhni ransomware family
  18. Decryption tool for the Rannoh ransomware family
  19. Decryption tool for the Scatter ransomware family
  20. Decryption tool for the Xorist ransomware family
  21. Decryption tool for the Scraper ransomware family
  22. Decryption tool for the CoinVault ransomware family
  23. Decryption tool for the JigSaw ransomware family

Disclaimer: We do not own any of these tools – we have simply collected them from the web, and put them in one massive file – simply to help people forward. The use of these tools are at your own risk.



Sources used: Github, Kaspersky, Emsisoft.



Share This Message