系统数据应急救援和信息安全咨询服务

目前大部分主流的勒索病毒都是无法解密的，一些企业在中了勒索病毒之后，为了解密重要数据，保证业务的正常运行，会选择向勒索病毒黑客组织交纳赎金，此前有报道指出勒索病毒黑客组织在2020年至少赚取了3.5亿美元的赎金，这个赎金金额相比2019年增长了311%，2020年勒索病毒的暴利让更多黑客组织开始使用勒索病毒进行攻击，以前大多数勒索病毒主要通过RDP爆破等方式进行传播，现在大部分勒索病毒开始使用各种不同类型的恶意软件进行传播，所以企业中了任何一款流行的恶意软件之后，黑客组织都有可能通过这些流行的恶意软件来传播勒索病毒，都有中勒索病毒的可能，通过数据可以预见2021年勒索病毒会变的更加流行，并且会更加具有针对性，由于勒索病毒的暴利，勒索病毒攻击活动在未来几年仍然是企业面临的最大的网络安全威胁之一，勒索病毒的攻击手法也会越来越多，攻击方式也会越来越复杂。

勒索病毒是近年来呈爆发趋势的一种计算机病毒，也一直是安全团队的重点“关爱”对象。

本文汇总了众多解密工具信息，有需要者可自取!

01 勒索软件解密工具

[Apocalypse勒索软件解密工具]

https://www.pcrisk.com/removal-guides/10111-apocalypse-ransomware

[Alcatrazlocker勒索软件解密工具]

https://files.avast.com/files/decryptor/avast_decryptor_alcatrazlocker.exe

[Alma勒索软件解密工具]

https://info.phishlabs.com/blog/alma-ransomware-analysis-of-a-new-ransomware-threat-and-a-decrypter

[Alpha勒索软件解密工具]

https://dl.360safe.com/Decryptor_AlphaDecrypter.cab

[AL-Namrood勒索软件解密工具]

https://www.pcrisk.com/removal-guides/10535-al-namrood-ransomware

[Apocalypse 勒索病毒解密工具]

http://blog.emsisoft.com/2016/06/29/apocalypse-ransomware-which-targets-companies-through-insecure-rdp/

[Autolocky勒索软件解密工具]

https://www.bleepingcomputer.com/news/security/decrypted-the-new-autolocky-ransomware-fails-to-impersonate-locky/

[Bart勒索病毒解密工具]

http://phishme.com/rockloader-downloading-new-ransomware-bart/

[BitDtak勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/BitStakDecrypter.zip

[BarRax勒索软件解密工具]

https://blog.checkpoint.com/wp-content/uploads/2017/03/BarRaxDecryptor.zip

[CryptON 勒索病毒解密工具]

http://blog.emsisoft.com/2017/03/07/emsisoft-releases-free-decrypter-for-crypton-ransomware/

[CoinVault勒索软件解密工具]

https://www.bleepingcomputer.com/virus-removal/coinvault-ransomware-information

[CryptXXX勒索病毒解密工具]

http://www.bleepingcomputer.com/virus-removal/cryptxxx-ransomware-help-information

[Crypt0勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/Crypt0Decrypter.zip

https://www.pcrisk.com/removal-guides/10478-crypt0-ransomware

[Crypt38Keygen勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/Crypt38Keygen.zip

[Crypren勒索软件解密工具]

https://github.com/pekeinfo/DecryptCrypren

http://www.nyxbone.com/malware/Crypren.html

[CryptComsole勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/CryptConsoleDecrypter.zip

[Crytomix勒索软件解密工具]

https://files.avast.com/files/decryptor/avast_decryptor_cryptomix.exe

[CryptoHostKeygen勒索软件解密工具]

https://github.com/Demonslay335/CryptoHostKeygen

[Cry9勒索软件解密工具]

https://www.pcrisk.com/removal-guides/11199-cry9-ransomware

http://blog.emsisoft.com/2017/04/04/remove-cry9-ransomware-with-emsisofts-free-decrypter/

[CoinVault勒索软件解密工具]

https://www.nomoreransom.org/uploads/CoinVaultDecryptor.zip

[Cryptinfinite勒索软件解密工具]

https://www.pcrisk.com/removal-guides/9568-cryptinfinite-ransomware

[CrazyCrypt勒索密钥生成工具]

https://edr.sangfor.com.cn/file/tool/CrazyCrypt_Password.rar

[DXXD勒索病毒解密工具]

http://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-14-2016-exotic-lockydump-comrade-and-more/

[DoNotOpen勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/DoNotOpenDecrypter.zip

[Decrypt Protect[mbl advisory]勒索病毒解密工具]

Decrypt files with Decrypt_mblblock.exe – Decrypt Protect

[Enigma勒索软件解密工具]

https://www.im-infected.com/ransomware/remove-enigma-ransomware-virus-removal.html

[EduCrypt勒索软件解密工具]

https://www.bleepingcomputer.com/news/security/the-educrypt-ransomware-tries-to-teach-you-a-lesson/

[GhostCrypt勒索病毒解密工具]

http://www.bleepingcomputer.com/forums/t/614197/ghostcrypt-z81928819-help-support-topic-read-this-filetxt/

[GhostCrypt勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/GhostCryptDecrypter.zip

[Gomasom勒索软件解密工具]

https://www.bleepingcomputer.com/news/security/gomasom-crypt-ransomware-decrypted/

[GandCrab勒索软件解密工具]

https://www.bleepingcomputer.com/news/security/fbi-releases-master-decryption-keys-for-gandcrab-ransomware/

[Hidden tear勒索软件解密工具]

https://files.avast.com/files/decryptor/avast_decryptor_hiddentear.exe

https://download.bleepingcomputer.com/demonslay335/hidden-tear-decrypter.zip

[HydraCrypt/UmbreCrypt勒索病毒解密工具]

http://blog.emsisoft.com/2016/02/12/decrypter-for-hydracrypt-and-umbrecrypt-available/

[HydraCrypt勒索软件解密工具]

https://tmp.emsisoft.com/fw/decrypt_hydracrypt.exe

[Hidden Tear勒索软件解密工具]

https://www.cyber.nj.gov/threat-profiles/ransomware-variants/hidden-tear

[InsaneCrypt勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/InsaneCryptDecrypter.zip

[Ims00rry勒索软件解密工具]

https://securityaffairs.co/wordpress/88376/malware/ims00rry-ransomware-decryptor.html

https://www.emsisoft.com/decrypter/ims00rry

[Jigsaw勒索软件解密工具]

https://www.bleepingcomputer.com/news/security/jigsaw-ransomware-becomes-cryptohitman-with-porno-extension/

[JuicyLemon勒索软件解密工具]

https://dl.360safe.com/Decryptor_JuicyLemonDecoder.cab

[JigSaw勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/JigSawDecrypter.zip

[Lockcrypt勒索软件解密工具]

https://labs.bitdefender.com/wp-content/uploads/downloads/lockcrypt-ransomware-decryptor/

[Legion勒索病毒解密工具]

http://botcrawl.com/legion-ransomware/

[LockedIn勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/LockedInDecrypter.zip

[MirCop勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/MirCopDecrypter.zip

[Mblblock勒索软件解密工具]

https://tmp.emsisoft.com/fw/decrypt_mblblock.exe

[Marlboro勒索软件解密工具]

https://www.bleepingcomputer.com/news/security/marlboro-ransomware-defeated-in-one-day/

[Nullbyte勒索软件解密工具]

https://www.bleepingcomputer.com/news/security/the-nullbyte-ransomware-pretends-to-be-the-necrobot-pokemon-go-application/

[NullByte勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/NullByteDecrypter.zip

[Nanolocker勒索软件解密工具]

https://github.com/Cyberclues/nanolocker-decryptor

[NMoreira勒索软件解密工具]

https://www.pcrisk.com/removal-guides/10689-nmoreira-ransomware

[NanoLocker勒索病毒解密工具]

http://blog.malwareclipboard.com/2016/01/nanolocker-ransomware-analysis.html

[OpenToYou 勒索病毒解密工具]

http://blog.emsisoft.com/2016/12/30/emsisoft-releases-free-decrypter-for-opentoyou-ransomware/

[Odcodc勒索病毒解密工具]

http://www.nyxbone.com/malware/odcodc.html

[ODCODCDecoder勒索软件解密工具]

https://dl.360safe.com/Decryptor_ODCODCDecoder.cab

[Pclock勒索软件解密工具]

https://www.bleepingcomputer.com/forums/t/561970/new-pclock-cryptolocker-ransomware-discovered/

[PopCorn勒索软件解密工具]

https://www.elevenpaths.com/downloads/RecoverPopCorn.zip

[Ransom.Cryakl勒索病毒解密工具]

http://blog.checkpoint.com/2015/11/04/offline-ransomware-encrypts-your-data-without-cc-communication/

[Shade勒索软件解密工具]

https://blog.kaspersky.com/shade-decryptor/12661/

[SanSam勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/SamSamStringDecrypter.zip

[Unlock92勒索软件解密工具]

https://download.bleepingcomputer.com/demonslay335/Unlock92Decrypter.zip

[Unlocker勒索软件解密工具]

https://github.com/kyrus/crypto-un-locker

[Wildfire勒索软件解密工具]

https://downloadcenter.mcafee.com/products/mcafee-avert/wildfiredecrypt/wildfiredecrypt.exe

02 综合性解密工具网站

卡巴斯基：勒索软件解密工具集

https://noransom.kaspersky.com/?spm=a2c4g.11186623.2.3.bSlRlm

Avast：勒索软件解密工具集

https://www.avast.com/zh-cn/ransomware-decryption-tools?spm=a2c4g.11186623.2.5.bSlRlm

Trendmicro：勒索软件解密方案

https://esupport.trendmicro.com/solution/zh-cn/1115118.aspx?spm=a2c4g.11186623.2.4.bSlRlm

MalwareHunterTeam:勒索软件解密工具集

https://id-ransomware.malwarehunterteam.com/

nomoreransom：勒索软件解密工具集

https://www.nomoreransom.org/zh/index.html

Emsisoft：勒索软件解密工具集

https://www.emsisoft.com/ransomware-decryption-tools/free-download

04 注意事项 

本文提供的解密器（链接）均由互联网搜集而来，只对工具信息进行汇总，不保证解密工具的可行性和安全性，用户应做好数据备份，以防止不必要的损失。

使用解密工具您需要注意以下事项：

1、通过勒索信息文件、加密后文件后缀等勒索特征判断勒索病毒家族。

2、选择对应家族（如有版本也应选择对应版本）的解密工具；

3、解密前需对重要的数据进行备份（即使处于被加密状态），以防止解密失败造成损失；

4、解密前需确保系统中的勒索病毒已被清除，否则可能遭到重复加密；

5、部分解密工具可能需要特定的解密环境（如在原始受感染的主机上进行解密、需要同时提供加密文件和原文件等），具体情况参考工具中的说明；

6、解密工具可能只对某些家族的特定变种或版本生效。

上一篇：时光机容灾系统【终极反勒索神器】

下一篇：勒索病毒数据技术解密及系统恢复服务