Emsisoft Decryptor for Crypt32 will assist in decrypting files locked by the Crypt32 ransomware strain.
The Crypt32 ransomware is written with NodeJS, encrypting a victim's files using AES-256 and base64 without appending an extension.
The ransom note is titled "!! YOUR FILES HAS BEEN ENCRYPTED !!.txt" and contains the following text:
As with most of their other decryptors, Emsisoft Decryptor for Crypt32 pre-populates the locations to decrypt with the currently connected drives and network drives. Additional locations can be added via the Add button.
Emsisoft Decryptor for Crypt32 requires access to a file pair consisting of one encrypted file and the original, unencrypted version of the encrypted file to reconstruct the encryption keys needed to decrypt the rest of your data. Do not change the file names of the original and encrypted files. This fact is because the decryptor may perform file name comparisons to determine the correct file extension used for encrypted files on your system.
Run the Crypt32 decryptor, and select your file pair. Then click the Start button. The decryptor will start to reconstruct the required encryption parameters. Depending on the ransomware and your computer, this process can take a significant amount of time.
Emsisoft Decryptor for Crypt32 will inform you that the decryption process is complete. If you require a report for your records, you can save it by clicking the Save Log button. You also have the option to copy it straight to your clipboard for use in emails, forum posts, etc., if needed.
Like it? Love it? Leave a comment below. Please note that comments requesting support or pointing out listing errors will be deleted. Visit our Support Forums for help or drop an email to mgnews @ majorgeeks.com to report mistakes. Thank you!comments powered by Disqus