Because the regular decrypt procedure with cipher fails, looking for alternatives. Along the lines of this exercise:
Goal
You have succeeded once you know the content of the encrypted file...
Looking at NTFS decrypt, my thinking is that something like Kali Linux will have utilities to fix this.
It seems to be valid keys which have expired. Some files, not all, are encrypted.
I'm in early stages of research, just don't want to go down false paths.
Perhaps something like:
https://github.com/gentilkiwi/mimikatz/wiki/howto-~-decrypt-EFS-files
although I also see:
Linux
It is possible to decrypt files using ntfsdecrypt tool. In this case, you should get the private key first (by running cipher /x filename.pfx on a Windows system).
https://www.forensicswiki.org/wiki/Windows_Encrypted_File_System
-----------------update---------------------
I'll try the procedure outlined here first:
https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc512680(v=technet.10)
