Lost all your files to some nasty ransomware?

We're here to fix that.

Download one of our free decrypter tools to recover your files without paying the ransom

I need removal help
No More Ransom

Associate Partner

[May, 2, 2017] - Version:

Emsisoft Decrypter for Cry128

Cry128 belongs to the CryptON/Nemesis ransomware family that is mostly used for targetted attacks via RDP. Files are encrypted using a customized version of AES and RSA. We have seen the following extensions being used by Cry128: ".fgb45ft3pqamyji7.onion.to._", ".id_<id>_gebdp3k7bolalnd4.onion._", ".id_<id>_2irbar3mjvbap6gt.onion.to._" and ".id-<id>_[qg6m5wo7h3id55ym.onion.to].63vc4".

To use the decrypter, you will require an encrypted file of at least 128 KB in size as well as its unencrypted version. To start the decrypter select both the encrypted and unencrypted file and drag and drop them onto the decrypter executable.