YOU ARE USING THIS TOOL AT YOUR OWN RISK.

---------------------------------------------------------------------------------------------------------
Before you start to read this readme, please check that you have the latest version of the TeslaDecoder package.
http://download.bleepingcomputer.com/BloodDolly/TeslaDecoder.zip
http://download.bleepingcomputer.com/BloodDolly/changelog.txt
If you have any questions you can contact me:
http://www.bleepingcomputer.com/forums/index.php?app=members&module=messaging&section=send&do=form&fromMemberID=950574
---------------------------------------------------------------------------------------------------------
1. Introduction
1.1 Quick guide (Decrypting files with the key)
2. Decryption possibilities
2.1 TeslaCrypt 0.3.4 and older (.ecc)
2.2 TeslaCrypt 0.3.4a - 2.2.0 (.ecc (0.3.4a+), .ezz, .exx, .xyz, .zzz, .aaa, .abc, .ccc, .vvv)
2.3 TeslaCrypt 3.0.0 - 3.0.1 (.xxx, .ttt, .micro), 4.0+ (as original)
3. Listing encrypted files
4. Decoding Tesla's network request
4.1 Format of network requests
5. Set custom key for decryption
6. List of known versions
6.1 List of known versions (my numbering)
6.2 List of known versions (their numbering)
===============
1. Introduction
===============
TeslaDecoder is a tool for decrypting files encrypted by TeslaCrypt. It can also load and decrypt TeslaCrypt 0.x data files, decode network requests, and find and list encrypted files.
For old TeslaCrypt 0.x versions the tool can recover the decryption key directly from TeslaCrypt's data files or registry entries (see sections 2 and 6) if they are found; for TeslaCrypt 0.3.4a - 2.2.0 the decryption key (private key) can be recovered using prime factorization (read Instructions.html).
TeslaDecoder can decrypt encrypted files of all TeslaCrypt versions if YOU HAVE a valid private key. It can be used instead of their rubbish decoder after paying the ransom.
1.1 Quick guide (Decrypting files with the key)
===============================================
There is a very small chance of false decryption of an encrypted file, so I do recommend backing up all encrypted files before using this tool.
If you have the key you can follow this quick guide to decrypt your files.
1. Run TeslaDecoder.exe as administrator (needed for hidden/system/personal folders)
2.a Click on the "Set key" button, copy/paste or type your key there and choose the extension of your encrypted files
2.b Tesla's private key is predefined when an extension of TeslaCrypt 3/4 is chosen
3. Confirm it by clicking on the "Set key" button
4. Now you can decrypt your files
4a. Decrypt Folder - decrypts encrypted files in the selected folder (I recommend using this option first, to test decryption with the given or found key)
4b. Decrypt All - searches for encrypted files on all FIXED and REMOTE drives and tries to decrypt them
4c. Decrypt List - decrypts the encrypted files listed in the selected list file
5. See the log for more information (the path to the log file is shown in the dialog)
===========================
2. Decryption possibilities
===========================
2.1 TeslaCrypt 0.3.4 and older (.ecc)
=====================================
These oldest versions of TeslaCrypt used the key.dat file and a registry entry to store the decryption key until the encryption process finished. When all files were encrypted the decryption key was zeroed out, but if the recovery key is present in key.dat it can be used to recover the original PrivateKeyBC.
TeslaDecoder will search the known location of the key.dat file and the same information in the Windows registry. If the file or registry entry is found, TeslaDecoder will check the possibilities for recovering the key.
If the decryption key was found in the Windows registry and you don't have the data file, you can save this data file by using the "Save data file" button. (This option is not available if the decryption key was obtained from a network request of TeslaCrypt v2+, because these variants don't use data files.) This file can be used to decrypt files from another computer, etc., but the encrypted files have to match the decryption key.
If neither the decryption key nor the recovery key was found, unfortunately there is no way to decrypt the encrypted files short of breaking AES 256.
Format of encrypted file (.ecc)
*******************************
offset  size  Description
--------------------------
0x000   16    initialization vector for AES (random data)
0x010   4     Size of original file
<encrypted data>
Format of key.dat
*****************
offset  size  Description
--------------------------
0x000   34    Bitcoin address
0x022   260   Random bytes
0x126   16    SYSTEMTIME
0x136   32    Recovery/partial key
0x177   32    PrivateKey
0x280   8     Time64
0x288   4     DEADBEAF is set when ShadowCopy was deleted
2.2 TeslaCrypt 0.3.4a - 2.2.0 (.ecc (0.3.4a+), .ezz, .exx, .xyz, .zzz, .aaa, .abc, .ccc, .vvv)
==============================================================================================
These versions of TeslaCrypt use ECDH to protect PrivateKeyBC and, later, PrivateKeyFile.
TeslaDecoder will search the known location of the key.dat/storage.bin file (.ecc, .ezz, .exx only) and the same information in the Windows registry. If the file or registry entry is found, TeslaDecoder will check the possibilities for recovering the key.
If the decryption key was found in the Windows registry and you don't have the data file, you can save this data file by using the "Save data file" button. (This option is not available if the decryption key was obtained from a network request of TeslaCrypt v2+, because these variants don't use data files.) This file can be used to decrypt files from another computer, etc., but the encrypted files have to match the decryption key.
If the decryption key was not found, please read Instructions.html for detailed information on how to recover PrivateKeyBC or PrivateKeyFile.
Format of encrypted file (.ecc, .ezz)
*************************************
offset  size  Description
--------------------------
0x000   16    initialization vector for AES (random data)
0x010   4     Size of original file
<encrypted data>
Format of encrypted file (.exx)
*******************************
offset  size  Description
--------------------------
0x000   200   FileHeader (OurPublicKeyX, SharedSecret)
0x0c8   16    initialization vector for AES (random data)
0x0d8   4     Size of original file
<encrypted data>
Format of encrypted file (.xyz, .zzz, .aaa, .abc, .ccc, .vvv)
*************************************************************
offset  size  Description
--------------------------
0x000   4     0x00000000
0x004   65    PublicKeyBC_octet (public key of the generated private key for the Bitcoin address, in octet form)
0x045   130   SharedSecret1*PrivateKeyBC (shared secret of Tesla's public key and the generated private key for the Bitcoin address, multiplied by the generated private key for the Bitcoin address)
0x0c7   65    PublicKeyFile_octet (public key of the generated private key for file encryption, in octet form)
0x108   130   SharedSecret2*PrivateKeyFile (shared secret of the BC public key and the generated private key for file encryption, multiplied by the generated private key for file encryption)
0x18A   16    initialization vector for AES (random data)
0x19A   4     Size of original file
<encrypted data> AES 256 CBC
key.dat (752B) (.ecc, .ezz)
***************************
offset  size  Description
--------------------------
0x000   34    Bitcoin address
0x064   32    PublicKey X coordinate
0x084   128   RecoveryKey in hex; RecoveryKey = SharedSecret * PrivateKey
0x148   64    64B of pseudorandom data (2nd buffer; used only for randomization of the 1024B random buffer)
0x18A   16    SYSTEMTIME
0x19A   32    32B of pseudorandom data (1st buffer; this buffer is zeroed out when PrivateKey is generated)
0x1DB   32    PrivateKey (32B of pseudorandom data (3rd buffer); this buffer is zeroed out when encryption is done and the wallpaper is set)
0x2E0   8     Time64
0x2E8   4     DEADBEAF is set when ShadowCopy was deleted
0x2EC   4     Set to 1 when PrivateKey was generated
storage.bin (752B) (.exx)
*************************
offset  size  Description
--------------------------
0x000   34    Bitcoin address
0x064   32    PublicKey X coordinate
0x084   128   RecoveryKey in hex; RecoveryKey = SharedSecret * PrivateKey
0x148   64    64B of pseudorandom data (2nd buffer; used only for randomization of the 1024B random buffer)
0x18A   16    SYSTEMTIME
0x19A   325   325B of pseudorandom data (1st buffer; this buffer is filled a 2nd time when encryption is finished and PrivateKey is destroyed)
0x1B1   32    BN_mod_inverse(0, BN_PrivateKey, EC_GROUP.order, BN_CTX) (32B of pseudorandom data (3rd buffer))
0x2E0   8     Time64
0x2E8   4     DEADBEAF is set when ShadowCopy was deleted
0x2EC   4     Set to 1 when PrivateKey was generated
RECOVERY_KEY.TXT/RECOVERY_FILE.TXT (232B) (.ecc, .ezz, .exx, .xyz)
------------------------------------------------------------------
1st line> Bitcoin address
2nd line> PublicKey X coordinate
3rd line> RecoveryKey = SharedSecret * PrivateKey
RECOVERY_FILE.TXT (250B) (.zzz, .aaa, .abc)
-------------------------------------------
1st line> Bitcoin address
2nd line> PublicKey X coordinate
3rd line> RecoveryKey = SharedSecret * PrivateKey
4th line> %IDhex%
Format of recovery file (.ccc, .vvv)
------------------------------------
1st line> Bitcoin address
2nd line> PublicKey X coordinate
3rd line> RecoveryKey = SharedSecret * PrivateKey
4th line> %IDhex%
5th line> Distribution ID
2.3 TeslaCrypt 3.0.0 - 3.0.1 (.xxx, .ttt, .micro), 4.0+ (as original)
=====================================================================
These versions of TeslaCrypt don't protect PrivateKeyMaster and PrivateKeyFile with ECDH alone, but with a combination of ECDH, SHA256 and AES.
There is no way to recover any of the per-infection private keys of these versions from data left on the computer; decryption relies on Tesla's private key, which is predefined in TeslaDecoder for these extensions (see section 1.1). I still recommend backing up all encrypted files and the recovery file before you start.
Format of encrypted file (.xxx, .ttt, .micro, as original)
**********************************************************
offset  size  Description
--------------------------
0x000   8     0x0000000000000000
0x008   8     %IDHEX%
0x010   8     0x0000000000000000
0x018   128   PublicKeyRandom1_octet|AES_PrivateKeyMaster (97 used)
0x098   65    PublicKeySHA256Master_octet
0x0D9   3     0x000000
0x0DC   128   PublicKeyRandom2_octet|AES_PrivateKeyFile (97 used)
0x15C   16    initialization vector for AES
0x16C   4     Size of original file
<encrypted data> AES 256 CBC
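A parser for the two headered layouts above (the .xyz/.zzz/.aaa/.abc/.ccc/.vvv header and the .xxx/.ttt/.micro header), written here as an added example in Go; it is not TeslaDecoder's code. It takes the offsets from the tables, checks the fixed-zero fields and the 0x04 marker of the SEC1 "octet form" public keys, and rejects a trailer that cannot hold the recorded original size plus at most one block of padding. The little-endian size field and the sample files produced by buildSample (placeholder points, dummy data that is not really encrypted) are assumptions made for the example.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
)

// layout carries the offsets of one header format from the tables above. Reading
// the 4-byte original size as little-endian is an assumption (the page does not
// state byte order; LE is just what native Windows code writes).
type layout struct {
	version, headerLen int
	zeroes             [][2]int // byte ranges the format fixes to zero
	points             []int    // offsets of 65-byte public keys in SEC1 uncompressed "octet form"
	idOff              int      // -1 when the format has no %IDHEX%
	key1Off, key2Off   int
	ivOff, sizeOff     int
}

var (
	// .xyz/.zzz/.aaa/.abc/.ccc/.vvv
	v2 = layout{version: 2, headerLen: 0x19E, zeroes: [][2]int{{0x000, 0x004}}, points: []int{0x004, 0x0C7},
		idOff: -1, key1Off: 0x004, key2Off: 0x0C7, ivOff: 0x18A, sizeOff: 0x19A}
	// .xxx/.ttt/.micro/as original; only the first 65 bytes of each 128-byte key field is the point
	v3 = layout{version: 3, headerLen: 0x170, zeroes: [][2]int{{0x000, 0x008}, {0x010, 0x018}, {0x0D9, 0x0DC}},
		points: []int{0x018, 0x098, 0x0DC}, idOff: 0x008, key1Off: 0x018, key2Off: 0x0DC, ivOff: 0x15C, sizeOff: 0x16C}
)

// Header holds what a decryptor needs; the ECDH material stays opaque here.
type Header struct {
	Version      int
	IDHex        []byte // v3 only
	PublicKey1   []byte // PublicKeyBC_octet (v2) or PublicKeyRandom1_octet (v3)
	PublicKey2   []byte // PublicKeyFile_octet (v2) or PublicKeyRandom2_octet (v3)
	IV           []byte
	OriginalSize uint32
	Ciphertext   []byte // everything after the header: AES-256-CBC blocks
}

func parse(f []byte, l layout) (*Header, error) {
	if len(f) < l.headerLen {
		return nil, errors.New("shorter than the header")
	}
	for _, z := range l.zeroes {
		if !bytes.Equal(f[z[0]:z[1]], make([]byte, z[1]-z[0])) {
			return nil, errors.New("reserved zero field is not zero")
		}
	}
	for _, off := range l.points {
		if f[off] != 0x04 { // SEC1 marker for an uncompressed point
			return nil, errors.New("public key field is not an uncompressed point")
		}
	}
	h := &Header{
		Version:      l.version,
		PublicKey1:   f[l.key1Off : l.key1Off+65],
		PublicKey2:   f[l.key2Off : l.key2Off+65],
		IV:           f[l.ivOff : l.ivOff+16],
		OriginalSize: binary.LittleEndian.Uint32(f[l.sizeOff : l.sizeOff+4]),
		Ciphertext:   f[l.headerLen:],
	}
	if l.idOff >= 0 {
		h.IDHex = f[l.idOff : l.idOff+8]
	}
	// The trailer must be whole AES blocks holding the original plus at most one block of padding.
	if n, s := len(h.Ciphertext), int(h.OriginalSize); n == 0 || n%16 != 0 || n-s < 1 || n-s > 16 {
		return nil, fmt.Errorf("original size %d does not fit %d ciphertext bytes", s, n)
	}
	return h, nil
}

// Identify is the extension-independent check section 3 describes. v3 goes first
// because its zero fields are a superset of v2's leading zero dword.
func Identify(f []byte) (*Header, error) {
	for _, l := range []layout{v3, v2} {
		if h, err := parse(f, l); err == nil {
			return h, nil
		}
	}
	return nil, errors.New("no recognised TeslaCrypt header")
}

// buildSample assembles a constructed file for layout l: placeholder points (not
// real curve points) at every point offset, a fixed IV, the given original size
// and n bytes of dummy data that is not really encrypted.
func buildSample(l layout, size uint32, n int) []byte {
	f := make([]byte, l.headerLen, l.headerLen+n)
	for i, off := range l.points {
		p := bytes.Repeat([]byte{byte(0xA1 + i)}, 65)
		p[0] = 0x04
		copy(f[off:], p)
	}
	if l.idOff >= 0 {
		copy(f[l.idOff:], []byte{1, 2, 3, 4, 5, 6, 7, 8})
	}
	copy(f[l.ivOff:], bytes.Repeat([]byte{0x11}, 16))
	binary.LittleEndian.PutUint32(f[l.sizeOff:], size)
	return append(f, bytes.Repeat([]byte{0xCC}, n)...)
}

func SampleV2File() []byte { return buildSample(v2, 20, 32) } // 20-byte original, .vvv layout
func SampleV3File() []byte { return buildSample(v3, 5, 16) }  // 5-byte original, .micro layout
```

Identify(SampleV2File()) yields a v2 header with a 20-byte original and 32 ciphertext bytes; a file that starts with ordinary text, or whose size field claims more plaintext than the trailer can hold, is rejected, which is the same reason TeslaDecoder's listing can skip non-encrypted files without looking at the extension.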
Format of recovery file (.xxx, .ttt, .micro, as original)
---------------------------------------------------------
<AES256CBC, AES_key=7ABE8BA3A5FC704269791F472E7961F729B73F99B92CE2487CB263094C163968, IV=0>
1st line> Bitcoin address
2nd line> PublicKeyRandom1_octet|AES_PrivateKeyMaster in hex
3rd line> %IDhex%
4th line> Distribution ID
recover.bin, desctop.ini... (264B) (TeslaCrypt 4.1+)
----------------------------------------------------
offset  size  Description
--------------------------
0x000   8     %IDHEX%
0x008   35    BitcoinAddress
0x02B   13    Padding (0x00)
0x038   128   PublicKeyRandom1_octet|AES_PrivateKeyMaster (97 used)
0x0B8   65    PublicKeySHA256Master_octet
0x0F9   7     Padding (0x00)
0x100   8     _time64
==========================
3. Listing encrypted files
==========================
TeslaDecoder can search for encrypted files and create a list of the files found. A single folder or all drives can be selected and examined. During listing, TeslaDecoder checks every file in the selected folder or on all mapped drives and tries to find files encrypted by TeslaCrypt regardless of extension (except .ecc and .ezz files, where the extension has its role, because these formats have no header to recognise). Because every file is examined, listing takes longer than the pure decryption process.
Once the list file is created it can be used as the source of paths for the decryption process.
A path can point to a single file or a folder. When the target is a folder and the list file is used for decryption, all files in that folder are decrypted if possible.
Any Unicode txt file with one full path per line can be used as a list file.
Example:
C:\Dir\file.jpg.mp3
C:\Dir2
D:\Dir3\Dir4\Dir5\file.jpg

===================================
4. Decoding Tesla's network request
===================================
TeslaCrypt sends 2 network requests to Tesla's servers. The first request, with "subject=Ping" in its parameters, contains the decryption/private key (the "key=" parameter)*. The second request, with "subject=Crypted", always has "key=--", so only the first request can be used to decrypt your files.
Decoding a request can also be used to load a custom key (obsolete; see section 5). If you want to load your custom key this way, paste a string in the following format as the input string for request decoding:
key=<key_in_hex>&addr=<Bitcoin_address>&version=<real_Tesla_version_number>
example:
addr=1L55vdCjbQtcYYrrUzmx4NLJWFaMTPMrzb&key=B4B1ABEFC066AF7500A27C573B801D8F487161A7D9484439C25F61C1B07971D4&version=2.2.0
key - hexadecimal representation of a 256-bit number (it can be PrivateKeyBC, PrivateKeySHA256BC or PrivateKeyFile)
Bitcoin_address - starts with 1 and is 26-35 characters long (it can be found in the ransom note); it must match the key parameter.*
real_Tesla_version_number - must be set, because it depends on the version whether the key parameter is the decryption key or the private key of the Bitcoin address. See the version list in section 6.
*Note for v2.1.0+:
Because of a change made in v2.1.0 and above, the key parameter entered in custom input can be loaded even if it doesn't match the entered Bitcoin address. This is only true for custom input in the request decoding function (an encrypted request of these versions will not be loaded if the key parameter doesn't match the Bitcoin address). TeslaDecoder then tries to verify the entered private key against the public keys located in the headers of the encrypted files. If a match is found, the file is decrypted with that key.
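The custom-input parsing described above, as an added example in Go (not TeslaDecoder's code): it validates the three parameters, rejects the "Crypted" request whose key is "--", and derives PrivateKeySHA256BC from PrivateKeyBC as section 5 defines it. Assumptions: the address check is only the shape of a Base58 P2PKH address (leading 1, 26-35 characters, Base58 alphabet), the version pattern is read off the list in section 6.2, and SHA256 is applied to the raw 32 key bytes; checking that the key really belongs to the address needs secp256k1 arithmetic and is deliberately left out.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

// Request is the parameter set of the "subject=Ping" request described above.
type Request struct {
	Key     []byte // 256-bit number: PrivateKeyBC, PrivateKeySHA256BC or PrivateKeyFile, depending on version
	Address string // Bitcoin address from the ransom note
	Version string // real TeslaCrypt version, e.g. 2.2.0
}

var (
	// P2PKH shape: leading '1', 26-35 characters, Base58 alphabet (no 0, O, I, l).
	addrRe = regexp.MustCompile(`^1[1-9A-HJ-NP-Za-km-z]{25,34}$`)
	// Versions as listed in section 6.2: 0.3.4a, 2.1.0d, 4.0 ...
	versionRe = regexp.MustCompile(`^[0-9]+\.[0-9]+(\.[0-9]+)?[a-z]?$`)
)

// Decode validates the custom-input format key=<hex>&addr=<address>&version=<ver>.
// Parameter order does not matter, so a captured Ping request body works as well.
func Decode(raw string) (*Request, error) {
	v, err := url.ParseQuery(strings.TrimSpace(raw))
	if err != nil {
		return nil, err
	}
	if s := v.Get("subject"); s != "" && s != "Ping" {
		return nil, fmt.Errorf("subject=%s: only the Ping request carries the key", s)
	}
	keyHex := v.Get("key")
	if keyHex == "" || keyHex == "--" {
		return nil, errors.New("request carries no key (key=-- is what the Crypted request sends)")
	}
	key, err := hex.DecodeString(keyHex)
	if err != nil || len(key) != 32 {
		return nil, errors.New("key must be exactly 64 hexadecimal digits")
	}
	addr := v.Get("addr")
	if !addrRe.MatchString(addr) {
		return nil, fmt.Errorf("addr %q does not look like a Bitcoin address", addr)
	}
	ver := v.Get("version")
	if !versionRe.MatchString(ver) {
		return nil, errors.New("version must be set: it decides what the key parameter is")
	}
	// Whether key really belongs to addr needs secp256k1 point multiplication,
	// which is not reimplemented here.
	return &Request{Key: key, Address: addr, Version: ver}, nil
}

// PrivateKeySHA256BC derives the next key down the hierarchy of section 5:
// SHA256 of PrivateKeyBC (hashing the raw 32 bytes is an assumption). It is the
// key the attackers hand out after payment.
func PrivateKeySHA256BC(privateKeyBC []byte) []byte {
	sum := sha256.Sum256(privateKeyBC)
	return sum[:]
}

func main() {
	const sample = "addr=1L55vdCjbQtcYYrrUzmx4NLJWFaMTPMrzb&key=B4B1ABEFC066AF7500A27C573B801D8F487161A7D9484439C25F61C1B07971D4&version=2.2.0"
	r, err := Decode(sample)
	if err != nil {
		fmt.Println("rejected:", err)
		return
	}
	fmt.Printf("version %s, address %s\nkey                 %X\nsha256 (next level) %X\n",
		r.Version, r.Address, r.Key, PrivateKeySHA256BC(r.Key))
	_, err = Decode("subject=Crypted&key=--&addr=1L55vdCjbQtcYYrrUzmx4NLJWFaMTPMrzb&version=2.2.0")
	fmt.Println("Crypted request:", err)
}
```

Decode accepts the example line from the text with the parameters in either order and refuses a Crypted request, a key that is not 64 hex digits, a malformed address and a missing version.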
================================
5. Set custom key for decryption
================================
The easiest way to set a custom decryption key in TeslaDecoder is the Set key feature. You just put your key there in hexadecimal format and pick the extension of your encrypted files.
TeslaCrypt uses a hierarchical key structure, and TeslaDecoder accepts any key in this hierarchy and computes the keys on the lower levels down to PrivateKeyFile.
For example, the keys used by TeslaCrypt 2:
All 4 keys are supported (hierarchical order):
- TeslaPrivateKey - Tesla's private key (the master key of TeslaCrypt's creators). This key unlocks all encrypted files.
- PrivateKeyBC - Private key used for calculation of the Bitcoin address. This key is generated first and it unlocks all files encrypted by the infected computer regardless of the number of restarts.
- PrivateKeySHA256BC - SHA256 of PrivateKeyBC. This key still unlocks all files encrypted by the infected computer, but you can't access the generated Bitcoin address with it. The Tesla guys send this key after payment.
- PrivateKeyFile - This key is generated each time TeslaCrypt is executed, so your encrypted files can have different PrivateKeyFile keys. This key is used directly as the encryption/decryption key for AES 256 CBC.
All keys are hierarchically related, so TeslaDecoder will try to use the entered key as the highest possible key and go down a level if that fails.
BE VERY CAREFUL USING THIS FEATURE ON .ECC AND .EZZ FILES. THESE OLD VARIANTS OF TESLACRYPT DO NOT HAVE A HEADER, SO TESLADECODER CAN'T VALIDATE THE KEY BEFORE USING IT; IT WILL ONLY VALIDATE THE PADDING.
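What "validate the padding" means for the headerless .ecc/.ezz layout, as an added Go example that is not TeslaDecoder's code: PrivateKeyFile is used directly as the AES 256 CBC key, the IV and the original size come from the 20-byte prefix of section 2.1, and the padding is the only key check available. PKCS#7 padding, a little-endian size field and the sample key, IV and plaintext are assumptions; EncryptECC exists only to build the sample offline. A wrong key produces a random last block whose padding fails the check except in roughly one case in 256, which is the "very small chance of false decryption" of section 1.1 and the reason to keep backups.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
	"fmt"
)

// Headerless .ecc/.ezz layout: 16-byte IV, 4-byte original size (assumed
// little-endian), then AES-256-CBC data.
const eccHeaderLen = 0x14

// unpadPKCS7 is the only key check for .ecc/.ezz: with a wrong key the final
// block decrypts to noise and fails here, except in about 1 case in 256 when
// the last byte happens to be 0x01. PKCS#7 padding is an assumption.
func unpadPKCS7(b []byte) ([]byte, error) {
	if len(b) == 0 || len(b)%aes.BlockSize != 0 {
		return nil, errors.New("data is not block aligned")
	}
	n := int(b[len(b)-1])
	if n < 1 || n > aes.BlockSize {
		return nil, errors.New("padding length out of range")
	}
	for _, c := range b[len(b)-n:] {
		if int(c) != n {
			return nil, errors.New("padding bytes do not match")
		}
	}
	return b[:len(b)-n], nil
}

// DecryptECC decrypts one .ecc/.ezz file with PrivateKeyFile used directly as the
// AES-256 key, as section 5 states, and truncates to the size recorded in the header.
func DecryptECC(file, privateKeyFile []byte) ([]byte, error) {
	if len(privateKeyFile) != 32 {
		return nil, errors.New("PrivateKeyFile must be 32 bytes")
	}
	if len(file) < eccHeaderLen || (len(file)-eccHeaderLen)%aes.BlockSize != 0 {
		return nil, errors.New("file is not IV + size + whole AES blocks")
	}
	iv := file[:16]
	size := binary.LittleEndian.Uint32(file[16:eccHeaderLen])
	ct := file[eccHeaderLen:]
	block, err := aes.NewCipher(privateKeyFile)
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	if pt, err = unpadPKCS7(pt); err != nil {
		return nil, fmt.Errorf("padding check failed, the key is probably wrong: %w", err)
	}
	if uint64(size) > uint64(len(pt)) {
		return nil, errors.New("recorded original size exceeds the decrypted data")
	}
	return pt[:size], nil
}

// EncryptECC produces a constructed sample in the same layout. It exists only so
// the example runs offline; it is not TeslaCrypt's code.
func EncryptECC(plain, privateKeyFile, iv []byte) ([]byte, error) {
	block, err := aes.NewCipher(privateKeyFile)
	if err != nil {
		return nil, err
	}
	n := aes.BlockSize - len(plain)%aes.BlockSize
	padded := append(append([]byte{}, plain...), bytes.Repeat([]byte{byte(n)}, n)...)
	ct := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, padded)
	out := make([]byte, eccHeaderLen, eccHeaderLen+len(ct))
	copy(out, iv)
	binary.LittleEndian.PutUint32(out[16:], uint32(len(plain)))
	return append(out, ct...), nil
}

// Sample material, constructed for this example.
var (
	sampleKey   = bytes.Repeat([]byte{0x5A}, 32)
	sampleIV    = []byte("0123456789abcdef")
	samplePlain = []byte("quarterly report, do not share")
)

func main() {
	f, _ := EncryptECC(samplePlain, sampleKey, sampleIV)
	if pt, err := DecryptECC(f, sampleKey); err == nil {
		fmt.Printf("right key: %q\n", pt)
	}
	wrong := bytes.Repeat([]byte{0xA5}, 32)
	if _, err := DecryptECC(f, wrong); err != nil {
		fmt.Println("wrong key:", err)
	}
}
```

Because the padding is the only check, decrypt one file with Decrypt Folder first, as section 1.1 advises, and compare the output against what the file should contain before running Decrypt All with the same key.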
=========================
6. List of known versions
=========================
6.1 List of known versions of Tesla/AlphaCrypt: (my internal version numbering based on data file changes)
==========================================================================================================
Version 1:
----------
File extension: .ecc
Location of data file on disk: %appdata%\key.dat [648 bytes]
Location of recovery file: N/A
Location of data file in registry: not used
Location of log file: %appdata%\log.html
Data file protected: No
Decryption key offset: 0x177
Partial key offset: 0x136
Info: If the decryption key was zeroed out but the partial key was found in key.dat, TeslaDecoder can recover the original decryption key. This process can take several hours on slow computers. Encrypted files are not paired with the data file. The decryption key can also be obtained from Tesla's request that was sent to the server.
Version 2:
----------
File extension: .ecc
Location of data file on disk: %appdata%\key.dat [656 bytes]
Location of recovery file: N/A
Location of data file in registry: not used
Location of log file: %appdata%\log.html
Data file protected: No
Decryption key offset: 0x177
Partial key offset: 0x136
Info: If the decryption key was zeroed out but the partial key was found in key.dat, TeslaDecoder can recover the original decryption key. This process can take several hours on slow computers. Encrypted files are not paired with the data file. The decryption key can also be obtained from Tesla's request that was sent to the server.
Version 3:
----------
File extension: .ecc/.ezz
Location of data file on disk: %appdata%\key.dat [752 bytes]
Location of recovery file: %mydocuments%\RECOVERY_KEY.TXT
Location of data file in registry: [HKCU\Software\Microsoft\Windows\CurrentVersion\SET] [752 bytes]
Location of log file: %appdata%\log.html
Data file protected: No
Decryption key offset: 0x1DB
Info: If the decryption key was zeroed out, it can be recovered using prime factorization (please read Instructions.html) or using the private key of TeslaCrypt's authors. Encrypted files are not paired with the data file. The decryption key can also be obtained from Tesla's request that was sent to the server.
Version 4:
----------
File extension: .ezz/.exx
Location of data file on disk: %localappdata%\storage.bin [752 bytes]
Location of recovery file: %mydocuments%\RECOVERY_FILE.TXT
Location of data file in registry: [HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\storage] [752 bytes]
Location of log file: %localappdata%\log.html
Data file protected: AES 256 can be used
Decryption key offset: between 0x19A and 0x2C0
Info: If the decryption key was zeroed out, it can be recovered using prime factorization (please read Instructions.html) or using the private key of TeslaCrypt's authors. Encrypted .exx files are paired with the data file. The decryption key can also be obtained from Tesla's request that was sent to the server.
Version 5/5+:
-------------
File extension: .xyz/.zzz/.aaa/.abc/.ccc/.vvv
Location of data file on disk: not used
Location of recovery file: %mydocuments%\RECOVERY_FILE.TXT, %mydocuments%\Recovery_File_%random%.txt, %mydocuments%\recover_file_%random%.txt
Location of data file in registry: [HKCU\Software\%random%] (data stored here cannot be used for decryption without Tesla's private key)
Location of log file: not used
Data file protected: N/A
Decryption key offset: N/A
Info: This version doesn't use any data files and the decryption key is not stored on the computer. The decryption key can be obtained from Tesla's request that was sent to the server (not possible since TeslaCrypt v2.1.0). The decryption key can be recovered using prime factorization - read Instructions.html.
Version 6: (v2.1.1)
-------------------
File extension: original
Location of data file on disk: not used
Location of recovery file: %mydocuments%\recover_file_%random%.txt
Location of data file in registry: not used
Location of log file: not used
Data file protected: N/A
Decryption key offset: N/A
Info: This version doesn't use any data files and the decryption key is not stored on the computer. The decryption key can be recovered using prime factorization - please read Instructions.html.
Version 7:
----------
File extension: .xxx/.ttt/.micro/.mp3/as original
Location of data file on disk: not used
Location of recovery file: %mydocuments%\recover_file_%random%.txt, %mydocuments%\recover.txt or any txt file located in %mydocuments% (they were changing the name very often)
Location of data file in registry: [HKCU\Software\%IDhex%] (data stored here cannot be used for decryption without Tesla's private key or PrivateKeyRandom1)
Location of log file: not used
Data file protected: N/A
Decryption key offset: N/A
Info: The decryption key is predefined in TeslaDecoder. Please read section 1.1.
Version 8:
----------
File extension: as original
Location of data file on disk: (since 4.1) %mydocuments%\recover.bin, %mydocuments%\desctop.ini, %mydocuments%\desctop._ini
Location of recovery file: %mydocuments%\-HELP-file.txt, %mydocuments%\+recover+file.txt or any form of these strings and letters
Location of data file in registry: [HKCU\Software\%IDhex%] (data stored here cannot be used for decryption without Tesla's private key or PrivateKeyRandom1), N/A (since 4.1)
Location of log file: not used
Data file protected: AES
Decryption key offset: N/A
Info: The decryption key is predefined in TeslaDecoder. Please read section 1.1.
6.2 List of known versions of Tesla/AlphaCrypt: (Their version numbering)
=========================================================================
.ecc              0.2.5 - 0.3.6b
.ezz              0.3.7 - 0.3.7b
.exx              0.4.0 - 0.4.1a
.xyz              1.0.0, 1.0.1
.zzz              2.0.0 - 2.0.4a
.aaa              2.0.4b - 2.0.5a
.abc              2.0.5a, 2.0.5b, 2.1.0
as original       2.1.1 (probably only a test version, because they went back to version 2.1.0)
.ccc              2.1.0a, 2.1.0b, 2.1.0c, 2.1.0d, 2.2.0
.vvv              2.2.0
.xxx/.ttt/.micro  3.0.0
.micro/.mp3       3.0.0a
.mp3              3.0.1, 4.0
as original       4.0+
