Company
Date Published
Author
PartyTicket
Word count
2594
Language
English
Hacker News points
None

Summary

CrowdStrike's analysis of PartyTicket, a Go-based ransomware deployed against Ukrainian entities in February 2022, finds that the malware is riddled with implementation errors that make its encryption recoverable. Although the code appears to generate a fresh AES key for each file, a coding flaw causes the same key to be used throughout, so affected files can be decrypted. The sample is politically themed, with identifiers referencing the U.S. political system. It targets a wide range of file types, but its execution is inefficient: it spawns an excessive number of threads and leaves files recoverable, which suggests an inexperienced author or one working under time pressure. PartyTicket was deployed alongside the more capable DriveSlayer wiper, indicating that it served as an additional, probably politically motivated payload rather than a serious extortion attempt. CrowdStrike has published a script that exploits these flaws to decrypt files affected by PartyTicket.
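The failure mode the summary describes, a per-file key that is in fact the same key every time, is easiest to see in code. The Go program below is an added illustration written for this page; it is not PartyTicket's code, not CrowdStrike's decryptor, and the specific mechanism it uses (a PRNG rebuilt from a constant seed on every call, via `flawedKey`) is an assumed example of the bug class, not a claim about how the real sample generates its key. All function names and the sample "file" contents are constructed for the demonstration. It encrypts several files with the flawed generator, shows the keys are identical, and then recovers every file by simply replaying the generator, which is what makes such ransomware decryptable without any leaked secret.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	crand "crypto/rand"
	"errors"
	"fmt"
	"io"
	mrand "math/rand"
)

const keyLen = 32 // AES-256

// flawedKey is a constructed model of the bug class described in the summary:
// the author intends a fresh key per file, but the generator is rebuilt from a
// constant seed on every call, so every file receives identical key bytes.
// Hypothetical illustration; not PartyTicket's actual key-generation code.
func flawedKey() []byte {
	r := mrand.New(mrand.NewSource(1)) // constant seed => deterministic stream
	key := make([]byte, keyLen)
	r.Read(key) // fills key from the deterministic stream; never returns an error
	return key
}

// soundKey is what the flawed function should have been: a CSPRNG-derived key.
func soundKey() []byte {
	key := make([]byte, keyLen)
	if _, err := io.ReadFull(crand.Reader, key); err != nil {
		panic(err) // OS entropy failure; nothing sensible to do in a demo
	}
	return key
}

// seal encrypts with AES-256-GCM and prepends the random 12-byte nonce.
func seal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(crand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// encryptFile mimics the malware's per-file routine built on the flawed generator.
func encryptFile(plaintext []byte) ([]byte, error) {
	return seal(flawedKey(), plaintext)
}

// decryptFile is the recovery side: split off the nonce and authenticate/decrypt.
func decryptFile(blob, key []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob shorter than nonce")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, nil) // fails on wrong key or tampered data
}

// recoverKey is what a decryptor does once the flaw is understood: replay the
// deterministic generator. The key is a pure function of constants, so no
// sample, memory dump or key file is needed.
func recoverKey() []byte { return flawedKey() }

// sameKeyAcrossFiles reports whether n successive "per-file" keys are identical.
func sameKeyAcrossFiles(n int) bool {
	first := flawedKey()
	for i := 1; i < n; i++ {
		if !bytes.Equal(first, flawedKey()) {
			return false
		}
	}
	return true
}

// freshKeysDiffer reports whether two CSPRNG keys differ, as a correct design requires.
func freshKeysDiffer() bool { return !bytes.Equal(soundKey(), soundKey()) }

func main() {
	// Constructed sample "files"; any bytes would do.
	files := [][]byte{[]byte("constructed sample file 1"), []byte("constructed sample file 2")}
	fmt.Println("flawed generator constant across files:", sameKeyAcrossFiles(10))
	key := recoverKey()
	for _, pt := range files {
		blob, err := encryptFile(pt)
		if err != nil {
			panic(err)
		}
		out, err := decryptFile(blob, key)
		if err != nil {
			panic(err)
		}
		fmt.Printf("recovered: %q\n", out)
	}
}
```

The contrast between `flawedKey` and `soundKey` is the whole lesson: a key that can be regenerated from nothing but the program's own constants is not a secret, and a decryptor only has to reproduce the generator. A practitioner triaging a real sample should look for exactly this, a key-generation path whose inputs are fixed, time-only, or otherwise predictable, before assuming the victim's files are lost.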