It is always great to be able to announce a free decryptor for victims who have had their files encrypted by ransomware. This is the case today, with a decryptor being released for the Mole02 CryptoMix Ransomware variant. This decryptor was created by security researcher M AV of STIGroup, Ltd. with the help of Secarma Threat Intel team's Charley Celice.

Using this decryptor, victims of the Mole02 variant are able to recover their files for free. Instructions on how to use the decryptor can be found below and if anyone needs support using the decryptor they can ask in the Mole02/CryptoMix Help and Support Topic.

How to Decrypt .Mole02 Encrypted Files Using Mole Decryptor

Victims of the Mole02 CryptoMix Ransomware variant can be identified by their files being encrypted and renamed to the format of [renamed_filename].MOLE02. For example, an encrypted file could have a name like 26E14BA00B70A5D0AE4EBAD33D3416B0.MOLE02. An example of a folder of encrypted files is seen below:

Mole02 Encrypted Files

This decryptor is very easy to use. Just download the program, execute it, and off it goes scanning your drives for files to decrypt.

The first step is to download the Mole02 Decryptor from the following link. Once downloaded, extract it using the password falsepositive and then execute the program.

Mole02 Decryptor

Once running it will display the screen shown below.

Mole02 Decryptor

While the program is running, it will not give any indication as to what it is doing. Just let the decryptor run until it has finished and your files should be decrypted like in my test below.

Folder of Decrypted Files

Now that the files have been decrypted, you can delete the decryptor from your computer. If you have any questions regarding this decryptor, feel free to ask in the Mole02/CryptoMix Help and Support Topic.
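Because the decryptor shows no progress, it helps to list the .MOLE02 files before running it and again afterwards, so anything still encrypted stands out. The script below is an added example, not part of the decryptor or of the original article; the 32-hex-character name check is an assumption generalised from the single example file name above, and the sample folder it builds is constructed.

```python
import os
import re
import tempfile

EXT = ".MOLE02"
# Assumption: 32 hex characters, generalised from the one example name in the article.
HEX_NAME = re.compile(r"^[0-9A-F]{32}$", re.IGNORECASE)

def inventory(root):
    """Map every file under root whose name ends in .MOLE02 to its size in bytes."""
    found = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.upper().endswith(EXT):
                path = os.path.join(dirpath, name)
                try:
                    found[path] = os.path.getsize(path)
                except OSError:
                    found[path] = -1  # unreadable, but still worth reporting
    return found

def matches_example_pattern(path):
    """True if the name before .MOLE02 looks like the article's example name."""
    stem = os.path.basename(path)[:-len(EXT)]
    return bool(HEX_NAME.match(stem))

def compare(before, after):
    """Split the 'before' inventory into paths now gone and paths still present."""
    gone = sorted(p for p in before if p not in after)
    remaining = sorted(p for p in before if p in after)
    return gone, remaining

def demo():
    # Constructed sample tree; file names and contents are made up.
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "docs"))
        a = os.path.join(root, "26E14BA00B70A5D0AE4EBAD33D3416B0.MOLE02")
        b = os.path.join(root, "docs", "report.MOLE02")
        c = os.path.join(root, "docs", "notes.txt")
        for p in (a, b, c):
            with open(p, "wb") as fh:
                fh.write(b"x" * 10)
        before = inventory(root)
        os.remove(a)  # stands in for a file no longer present under its .MOLE02 name
        gone, remaining = compare(before, inventory(root))
        names = lambda paths: [os.path.basename(p) for p in paths]
        return (len(before), names(gone), names(remaining),
                matches_example_pattern(a), matches_example_pattern(b))

if __name__ == "__main__":
    print(demo())
```

On a real system, call `inventory()` on the affected drive before starting the decryptor, save the result, and pass it to `compare()` with a fresh inventory once the decryptor has finished.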
