Mole66 Ransomware will take over your computer by surprise, but you should not panic. Panicking does nothing but push you into making terrible decisions. Yes, getting infected with a ransomware program is a frustrating experience, but you need to keep your head if you want to remove Mole66 Ransomware and get at least part of your files back. This type of malware infection is especially annoying because removing it does not automatically bring things back to their original order. Hence, you need to understand that some of your data might be lost, especially if you do not have a system backup.
Mole66 Ransomware belongs to a group of the Mole Ransomware infections. These programs are also based on the CryptoMix Ransomware, and we have seen infections like Mole03 Ransomware or Mole02 Ransomware before. Our research team says that all the Mole Ransomware programs are very similar, and the main things that differentiate them are the ransom notes and the contact emails that are given in the notes. On the other hand, just because all those programs are so similar, it does not mean that we can use the same decryption key for them all. We do believe, however, that a public decryption tool for Mole66 Ransomware should be available quite soon because security specialists have managed to decrypt programs from this family before.
This infection uses the most common ransomware distribution method to infect its victims. In other words, Mole66 Ransomware comes in spam email attachments. The attached files often look like important documents that users have to open no matter what. For example, one of the earlier Mole Ransomware programs used to spread through a series of emails that “informed” users about some postal programs. The users were tricked into downloading a fake plug-in that eventually infected their computers with malware. This just proves that you have to be really careful when you encounter email messages that tell you to download something or to open something immediately. If anything, you can always scan the downloaded file with a security tool of your choice, just to be sure.
When Mole66 Ransomware encrypts a user’s files, the program leaves out several directories, mainly %WINDIR%, %PROGRAMFILES%, and %PROGRAMFILES(x86)%. The infection needs the files and programs in these folders to work because it needs a functioning computer system for the ransom transfer. As far as all of your personal files are concerned, you can be sure that the application will encrypt them through and through. The program will also create a point of execution in the registry and drop its executable file in one of your directories, so you will have to work a little bit harder when you get down to removing it.
Mole66 Ransomware also deletes the Shadow Volume copies to prevent you from restoring your files. You can still restore them, however, if you have copies of your files saved on an external hard drive: you can just remove the encrypted data and transfer the good files back onto your computer. Should you have more questions on computer security or ransomware removal, please feel free to drop us a note.

# | File Name | File Size (Bytes) | File Hash |
---|---|---|---|
1 | _HELP_INSTRUCTIONS_.TXT | 478 bytes | MD5: 6e540e6ea87995fe2eeceff8f7f34241 |
2 | BC0EBCF2F2.exe | 67584 bytes | MD5: c3294c90474063dfb0d28ef8a693a6cb |

# | Process Name | Process Filename | Main module size |
---|---|---|---|
1 | BC0EBCF2F2.exe | BC0EBCF2F2.exe | 67584 bytes |
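
The file table above can be turned into a quick local check. The following Python script is an added example, not part of the original article or of any vendor tool; the names `md5_of` and `scan` and the `md5:` / `name-only:` result labels are made up here. It reports a file whose MD5 matches a listed sample under any name, and separately a file that only shares a listed name, which is a weaker finding.

```python
import hashlib
import os
import sys

# Indicators copied from the file table on this page: name -> (size in bytes, MD5).
INDICATORS = {
    "_HELP_INSTRUCTIONS_.TXT": (478, "6e540e6ea87995fe2eeceff8f7f34241"),
    "BC0EBCF2F2.exe": (67584, "c3294c90474063dfb0d28ef8a693a6cb"),
}


def md5_of(path, chunk=65536):
    """Hash a file in chunks so large files are not read into memory at once."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def scan(root, indicators=INDICATORS):
    """Walk root and return a list of (path, reason) findings."""
    by_md5 = {md5: name for name, (_size, md5) in indicators.items()}
    sizes = {size for size, _md5 in indicators.values()}
    names = {name.lower() for name in indicators}
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                size = os.path.getsize(path)
                # Only hash files whose size equals a listed sample's size.
                digest = md5_of(path) if size in sizes else None
            except OSError:
                continue  # locked or unreadable file, skip it
            if digest in by_md5:
                findings.append((path, "md5:" + by_md5[digest]))
            elif name.lower() in names:
                # Same name as a listed file, but the content differs.
                findings.append((path, "name-only:" + name))
    return findings


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else os.path.expanduser("~")
    for path, reason in scan(root):
        print(f"{reason}\t{path}")
```

Run it with a folder as the only argument; with no argument it scans the current user's home directory.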