It is always great to be able to announce a free decryptor for victims who have had their files encrypted by ransomware. This is the case today, where we have a decryptor being released for the Mole02 CryptoMix Ransomware variant. This decryptor was created by security researcher M AV of STIGroup, Ltd. with the help of Secarma Threat Intel team's Charley Celice.
Using this decryptor, victims of the Mole02 variant are able to recover their files for free. Instructions on how to use the decryptor can be found below and if anyone needs support using the decryptor they can ask in the Mole02/CryptoMix Help and Support Topic.
Victims of the Mole02 CryptoMix Ransomware variant can be identified by their files being encrypted and renamed to the format of [renamed_filename].MOLE02. For example, an encrypted file could have a name like 26E14BA00B70A5D0AE4EBAD33D3416B0.MOLE02. An example of a folder of encrypted files is seen below:
This decryptor is very easy to use. Just download the program, execute it, and off it goes scanning your drives for files to decrypt.
The first step is to download the Mole02 Decryptor from the following link. Once downloaded, extract it using the password falsepositive and then execute the program.
Once running it will display the screen shown below.
While the program is running, it will not give any indication as to what it is doing. Just let the decryptor run until it has finished and your files should be decrypted like in my test below.
Now that the files have been decrypted, you can delete the decryptor from your computer. If you have any questions regarding this decryptor, feel free to ask in the Mole02/CryptoMix Help and Support Topic.
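Because the decryptor shows no progress, one way to check its work is to count the .MOLE02 files before and after it runs. The script below is an added example, not part of the decryptor or the original article. It assumes renamed files follow the shape of the single example name above (32 hexadecimal characters plus .MOLE02) and that a restored file no longer carries the .MOLE02 name; the function names and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile
from collections import Counter

# Assumption: names look like the article's one example, 32 hex chars + .MOLE02.
MOLE02_NAME = re.compile(r"^[0-9A-F]{32}\.MOLE02$", re.IGNORECASE)


def inventory(root):
    """Return (Counter of directory -> .MOLE02 file count, off-pattern paths)."""
    per_dir = Counter()
    odd = []
    # Unreadable directories are skipped rather than aborting the scan.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            if not name.upper().endswith(".MOLE02"):
                continue
            per_dir[dirpath] += 1
            if not MOLE02_NAME.match(name):
                # Has the extension but not the expected renamed form.
                odd.append(os.path.join(dirpath, name))
    return per_dir, odd


def progress(before, after):
    """Return (files no longer marked .MOLE02, files still marked .MOLE02)."""
    still = sum(after.values())
    return sum(before.values()) - still, still


def demo():
    """Run both scans over a constructed tree of empty files."""
    with tempfile.TemporaryDirectory() as root:
        names = [
            "26E14BA00B70A5D0AE4EBAD33D3416B0.MOLE02",  # example name from the article
            "0123456789ABCDEF0123456789ABCDEF.MOLE02",  # constructed
            "notes.MOLE02",                             # constructed, off-pattern
            "report.docx",                              # constructed, not affected
        ]
        for name in names:
            open(os.path.join(root, name), "wb").close()
        before, odd = inventory(root)
        # Stand-in for one restored file (assumed to lose the .MOLE02 name).
        os.remove(os.path.join(root, names[1]))
        after, _ = inventory(root)
        return sum(before.values()), [os.path.basename(p) for p in odd], progress(before, after)


if __name__ == "__main__":
    print(demo())
```

Run `inventory` against each affected drive before starting the decryptor and again once it exits; any directory still listed in the second result holds files that were not recovered.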