ESET has announced that it has made available an AES-NI decryption tool to users whose data has been encrypted by Win32/Filecoder.AESNI.B and Win32 / Filecoder.AESNI.C (also known as XData).
The decryption tool for AES-NI is based on wrenches that were recently released via Twitter and on a help forum for ransomware victims.
As Ondrej Kubovič, Security Specialist at ESET, explains: “The decryption tool is intended for files encrypted by the offline RSA key, which is used by AES-NI variant B by adding the extensions .aes256, .aes_ni and .aes_ni_0day, as well as for the XData variant, which adds the .~xdata extension to infected files”
Victimized users who still have their files encrypted can download the decryptor from the σελίδα of ESET with the auxiliary tools. The ESET Knowledgebase page provides more information on how to use the tool and details on specific cases where the decryptor cannot help.
Those interested can find more details about what happened and seems to have led to the "end" of this particular malware. Useful information about protection from the ransomware are available on ESET's official blog, WeLiveSecurity.
https://download.eset.com/com/eset/tools/decryptors/aesni/latest/esetaesnidecryptor.exe