# Free decryptor released for TargetCompany ransomware victims **[bleepingcomputer.com/news/security/free-decryptor-released-for-targetcompany-ransomware-victims/](https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-targetcompany-ransomware-victims/)** Sergiu Gatlan By [Sergiu Gatlan](https://www.bleepingcomputer.com/author/sergiu-gatlan/) February 7, 2022 12:08 PM 0 Czech cybersecurity software firm Avast has released a decryption utility to help TargetCompany ransomware victims recover their files for free. However, as Avast warns, this decryptor can only be used to restore encrypted files "under certain circumstances." Victims who want to recover their files using this decrypting tool should also be aware that this will likely be a resource-intensive and time-consuming process. "During password cracking, all your available processor cores will spend most of their computing power to find the decryption password. The cracking process may take a large amount of time, up to tens of hours," [Avast said.](https://decoded.avast.io/threatresearch/decrypted-targetcompany-ransomware/) "The decryptor periodically saves the progress and if you interrupt it and restart the decryptor later, it offers you an option to resume the previously started cracking process." ----- The TargetCompany ransomware decryptor works by cracking the password after comparing an encrypted file with its original unencrypted version. Avast says this only has to be done once per each device encrypted by TargetCompany ransomware since the decryptor wizard will allow you to enter previously cracked encryption passwords by selecting the "I know the password for decrypting files." _TargetCompany decryptor (BleepingComputer)_ **TargetCompany ransomware victims can download the decryption tool from Avast's** **[servers (64-bit or](https://files.avast.com/files/decryptor/avast_decryptor_targetcompany64.exe)** **[32-bit) to decrypt entire disk partitions using the instructions](https://files.avast.com/files/decryptor/avast_decryptor_targetcompany.exe)** **displayed within the tool's user interface.** "On the final wizard page, you can opt-in whether you want to backup encrypted files. These backups may help if anything goes wrong during the decryption process," Avast added. "This option is turned on by default, which we recommend. After clicking 'Decrypt,' the decryption process begins. Let the decryptor work and wait until it finishes." You can find additional instructions on how to use Avast's TargetCompany ransomware [decryptor here.](https://decoded.avast.io/threatresearch/decrypted-targetcompany-ransomware/) [TargetCompany is a relatively newly discovered ransomware strain, active since mid-June](https://www.bleepingcomputer.com/forums/t/763499/targetcompany-ransomware-support-topic/) 2021, that will add a .mallox, .exploit, .architek, or .brg extension to all encrypted files. ----- _TargetCompany ransomware submissions (ID-Ransomware)_ It also drops a ransom note file named "HOW TO RECOVER !!.TXT" in all folders containing encrypted files. This happens after it deletes volume shadow copies, reconfigures boot options, and kills processes that could lock databases of sensitive information (e.g., MySQL, Oracle, SQL Server). [Avast also released free decryptors for Babuk,](https://www.bleepingcomputer.com/news/security/babuk-ransomware-decryptor-released-to-recover-files-for-free/) [AtomSilo, and LockFile ransomware in](https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-atom-silo-and-lockfile-ransomware/) October 2021 to allow victims to recover their files without paying a ransom. ## Related Articles: [Free decryptor released for Yanluowang ransomware victims](https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-yanluowang-ransomware-victims/) [BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state](https://www.bleepingcomputer.com/news/security/blackcat-alphv-ransomware-asks-5-million-to-unlock-austrian-state/) [Windows 11 KB5014019 breaks Trend Micro ransomware protection](https://www.bleepingcomputer.com/news/security/windows-11-kb5014019-breaks-trend-micro-ransomware-protection/) [Industrial Spy data extortion market gets into the ransomware game](https://www.bleepingcomputer.com/news/security/industrial-spy-data-extortion-market-gets-into-the-ransomware-game/) [New ‘Cheers’ Linux ransomware targets VMware ESXi servers](https://www.bleepingcomputer.com/news/security/new-cheers-linux-ransomware-targets-vmware-esxi-servers/) [Avast](https://www.bleepingcomputer.com/tag/avast/) [Decryptor](https://www.bleepingcomputer.com/tag/decryptor/) [Ransomware](https://www.bleepingcomputer.com/tag/ransomware/) [TargetCompany](https://www.bleepingcomputer.com/tag/targetcompany/) [Sergiu Gatlan](https://www.bleepingcomputer.com/author/sergiu-gatlan/) Sergiu Gatlan is a reporter who covered cybersecurity, technology, Apple, Google, and a few other topics at Softpedia for more than a decade. Email or Twitter DMs for tips. [Previous Article](https://www.bleepingcomputer.com/news/security/google-cloud-hypervisor-modified-to-detect-cryptominers-without-agents/) [Next Article](https://www.bleepingcomputer.com/news/microsoft/microsoft-plans-to-kill-malware-delivery-via-office-macros/) Post a Comment [Community Rules](https://www.bleepingcomputer.com/posting-guidelines/) You need to login in order to post a comment ----- [Not a member yet? Register Now](https://www.bleepingcomputer.com/forums/index.php?app=core&module=global§ion=register) ## You may also like: -----