The Nibiru ransomware is a.NET-based malware family. It traverses directories and encrypts files with Rijndael-256. The files are given an extension,.Nibiru, after encryption. The decryptor program leverages this weakness to decrypt files encrypted by this variant. The ransomware targets common file extensions but skips critical directories like Program Files, Windows and System Volume Information. You can download the decryptor over at the Talos GitHub GitHub repository for the decryptor.”]
Source: https://blog.talosintelligence.com/2020/11/Nibiru-ransomware.html