Pickles Ransomware Removal Guide

Threat Level: 9/10
Category: Trojans

A new, yet-to-be-released ransomware has surfaced recently and has been dubbed Pickles Ransomware. It has nothing to do with pickles: it is a piece of software designed to encrypt your files and demand that you pay a ransom. It removes itself from the PC once all files have been encrypted. In some cases, however, it might not delete itself, so you will have to remove it yourself. Since this ransomware has not been completed, everything is subject to change, but we want to provide you with the most relevant information about it so that you can avoid it and deal with it if your computer becomes infected.

Since it is still in development, we were unable to determine the way in which it is distributed. However, let us assume that its full version has already come out. In that case, it would be reasonable to assume that its developers have set up an email server that sends spam to random people hoping to infect their computers with Pickles Ransomware or have hacked a website and injected code into it that will initiate the download of this ransomware if you interact with JavaScript or Flash-based content. In the latter case, the developers might use an exploit kit.

Our research has revealed that Pickles Ransomware was coded in the Python programming language. Python is a high-level, general-purpose programming language developed in the early 1990s. Not many ransomware-type programs are coded in this language, but it serves this ransomware rather well. We have found that this ransomware uses the AES encryption algorithm to encrypt your files. It generates a unique decryption key, which it sends to the command and control server.

While encrypting the files, this ransomware renames them to 30-character strings and appends the ".EnCrYpTeD" file extension to them. Once it is launched, Pickles Ransomware also drops three additional files on the desktop and changes the desktop's background image.

Of the three files, "to_decrypt.py" is the main file that does the decrypting, "encrypted.txt" contains the paths to all files, and "READ_ME_TO_DECRYPT.txt" is the ransom note. The note features a non-existent Bitcoin wallet address to which you are expected to send the payment. The note also features an email address to which you should send a code that is also provided in the ransom note. Then, you should receive the decryption password that you have to enter after opening "to_decrypt.py". Once all of the files are in place and the encryption is complete, Pickles Ransomware will delete itself. The developers state that you have 72 hours to pay the ransom or they will destroy your decryption password.
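Before cleaning up, it helps to inventory what was touched so you know what to restore from backup. The following read-only triage script is an added example, not part of the original guide or of the ransomware; the function names and the sample tree are constructed, and it assumes "encrypted.txt" holds one path per line, which the guide does not state.

```python
import os
import tempfile
from pathlib import Path

EXTENSION = ".encrypted"  # ".EnCrYpTeD", compared case-insensitively
STEM_LENGTH = 30          # renamed files get 30-character names
DROPPED = {"to_decrypt.py", "encrypted.txt", "read_me_to_decrypt.txt"}

def triage(root, desktop):
    """Inventory Pickles indicators without modifying or deleting anything."""
    report = {"dropped": [], "encrypted": [], "odd_names": [], "listed_paths": []}
    desktop = Path(desktop)
    if desktop.is_dir():
        for entry in desktop.iterdir():
            if entry.is_file() and entry.name.lower() in DROPPED:
                report["dropped"].append(entry.name)
                if entry.name.lower() == "encrypted.txt":
                    # Assumption: one file path per line (format not given in the guide).
                    text = entry.read_text(encoding="utf-8", errors="replace")
                    report["listed_paths"] = [ln.strip() for ln in text.splitlines() if ln.strip()]
    for folder, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            stem, ext = os.path.splitext(name)
            if ext.lower() == EXTENSION:
                # Extension matches; a 30-character stem is the second indicator.
                key = "encrypted" if len(stem) == STEM_LENGTH else "odd_names"
                report[key].append(os.path.join(folder, name))
    for key in report:
        report[key].sort()
    return report

def build_sample(base):
    """Constructed sample tree (not real malware output) for an offline run."""
    desktop = Path(base) / "Desktop"
    docs = Path(base) / "Documents"
    desktop.mkdir(parents=True)
    docs.mkdir()
    (docs / ("a" * 30 + ".EnCrYpTeD")).write_bytes(b"\x00")
    (docs / "holiday.EnCrYpTeD").write_bytes(b"\x00")
    (docs / "notes.txt").write_text("untouched")
    (desktop / "READ_ME_TO_DECRYPT.txt").write_text("constructed note")
    (desktop / "encrypted.txt").write_text("C:\\Users\\sample\\Documents\\report.docx\n\n")
    return docs, desktop

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        docs, desktop = build_sample(tmp)
        for key, values in triage(tmp, desktop).items():
            print(key, values)
```

Files reported under `odd_names` carry the extension but not the 30-character name, so review them by hand before treating them as encrypted by this threat.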

You should not feel threatened by the cyber criminals because it is possible that they will not send you the password even if you pay. Therefore, we suggest that you remove Pickles Ransomware from your PC using our guide. You can also use SpyHunter, an anti-malware program that will eradicate this ransomware automatically.

How to delete Pickles Ransomware

  1. Find and delete Pickles Ransomware.exe
  2. Then, go to the desktop and delete READ_ME_TO_DECRYPT.txt, encrypted.txt, and to_decrypt.py
  3. Empty the Recycle Bin.
