How to decrypt DJVU Ransomware files? STOPDecrypter

by Brendan Smith
August 8, 2019

Virus researcher Michael Gillespie (USA) managed to create his decoder for some versions and variants of DJVU ransomware family.

It work when the DJVU virus used an offline key for encryption.

You can download free decryption tool here: STOPDecrypter. This tool includes a BruteForcer just for variants which use XOR encryption, a simple symmetric cipher that is relatively easy to break. The decrypter tool requires victims to provide an encrypted and original file pair greater than 150KB.

Download STOPDecrypter tool

Download STOPDecrypter

Extract STOPDecrypter tool to your Desktop folder

Unzip STOPDecrypter.zip file to Desktop

Run STOPDecrypter tool

Run STOPDecrypter

Remember: STOPDecrypter should be run as an Administrator from the Desktop.

Select your folder and press “Decrypt” button

STOPDecrypter select folder

About the author

Brendan Smith

Cybersecurity analyst covering malware families, suspicious files, and detection alerts. Brendan focuses on clear explanations of what a warning means, when it may be a false positive, and which cleanup steps are appropriate.

View all posts

2 Comments

  • tenho dois hdd primario e segundario
    meu aquivo criptografado “XCMB” no HDD segundario e o primario eu formatei
    ai continhua a mesma coixa dando erro quer devo fazer ?

    acediosamente

    fabio

    Reply

Leave a Comment