Pickles Ransomware

Posted: February 24, 2017
Threat Metric
Threat Level: 10/10
Infected PCs: 18

Pickles Ransomware Description

The Pickles Ransomware is a Trojan that renames and encrypts your files to lock them, after which it tries to sell its victims a password for its decryption application. Since con artists sometimes take their ransoms without providing anything in exchange, malware experts note the usefulness of keeping backups that this Trojan can't attack, so that you can restore your files from them. Although this threat is new, numerous brands of anti-malware products have proven themselves capable of detecting and deleting the Pickles Ransomware on sight.

The New Flavor of Trojans in Development

Trojans that are not yet complete can be just as threatening to an infected PC as the ones that are labeled finished projects, largely due to the unpredictable, and sometimes irreversible, effects of their payloads. The Pickles Ransomware joins other Python language-based Trojans like the PyL33T Ransomware and the HolyCrypt Ransomware in using encryption to lock you out of your media, such as documents or photos. Although the HolyCrypt Ransomware's methodology isn't highly divergent, it does show some cues that individualize it and the people operating its campaign.

To begin with, the Pickles Ransomware creates a unique identifier for the infection, which it delivers in its ransom message. Then, the Pickles Ransomware uses what its message claims is an AES-based encryption method to encode and, consequently, block your files. The '.EnCrYpTeD' extension helps identify what content is under encryption, but the Pickles Ransomware also replaces the rest of the file name with an arbitrary string of characters. To finish its attack, the Pickles Ransomware creates extortion demands through both image-based and text-based files.

During attacks of this type, many con artists will hold the decryption software up for ransom. The Pickles Ransomware, instead, installs the decryptor along with its other files but also implements password protection. Its authors assume that the victim will pay for the password out of hope that the decryption program can provide full data restoration, without testing it first.

Keeping the Pickles Ransomware Off the Menu

Although its extortion template creates a three-day time restriction on paying, the Pickles Ransomware also includes a significant vulnerability. The hard-coded decryption password of 'pickles' should be consistent between infections. However, con artists may opt to change that password for future builds, and malware researchers continue seeing value in keeping a backup as a defense against all file-encoding attacks.

Unlike some categories of threatening software, such as keyloggers, the Pickles Ransomware displays very obvious symptoms. PC users should avoid relying on such clues to protect their data, since the symptoms almost always appear only after the Trojan has successfully locked down large quantities and formats of local data. This developing campaign has not yet had its infection avenues confirmed, although malware researchers particularly recommend running anti-malware scans on e-mail attachments and other downloads to delete the Pickles Ransomware and similar threats.

The Pickles Ransomware may not be a finished project, but its limitations are a side effect of at least one threat actor's intent to continue developing it. Updating your security software and backing up your files with just as much industriousness as today's con artists can pay dividends for your PC's safety.


Technical Details

File System Modifications


The following files were created in the system:

File name: file.exe
Size: 3.93 MB (3930517 bytes)
MD5: 8102289c4bb4f0683f56701911252b11
Detection count: 99
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: February 25, 2017
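
A triage sweep built from the two indicators this page gives, the '.EnCrYpTeD' extension and the size and MD5 listed for file.exe, can show how far an infection reached and which folders need restoring from backup. This is an added example, not part of the original article; the function names `sweep` and `md5_of` are illustrative, and the demo folder tree is constructed.

```python
import hashlib
import os
import tempfile
from collections import Counter

LOCKED_EXT = ".EnCrYpTeD"  # extension named on this page; matched in exact case
# size in bytes -> MD5, both taken from the file.exe entry on this page
KNOWN_SAMPLES = {3930517: "8102289c4bb4f0683f56701911252b11"}


def md5_of(path, chunk=1 << 20):
    h = hashlib.md5()  # MD5 only because that is the hash the page publishes
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def sweep(root, samples=KNOWN_SAMPLES):
    """Return (locked_per_dir, sample_hits, unreadable) for the tree under root."""
    locked, hits, unreadable = Counter(), [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.endswith(LOCKED_EXT):
                locked[dirpath] += 1
                continue
            try:
                size = os.path.getsize(path)
                # Hash only files whose size matches a known sample.
                if size in samples and md5_of(path) == samples[size]:
                    hits.append(path)
            except OSError:
                unreadable.append(path)
    return locked, sorted(hits), unreadable


if __name__ == "__main__":
    # Constructed demo tree; file names and contents are made up.
    with tempfile.TemporaryDirectory() as root:
        docs = os.path.join(root, "Documents")
        os.mkdir(docs)
        for name in ("x7Qa9" + LOCKED_EXT, "kP02z" + LOCKED_EXT, "notes.txt"):
            with open(os.path.join(docs, name), "wb") as fh:
                fh.write(b"constructed sample data")
        locked, hits, unreadable = sweep(root)
        for folder, count in locked.most_common():
            print(f"{count:5d} locked file(s) in {folder}")
        print("sample matches:", hits or "none")
```

Paths returned in `unreadable` were not checked and should be rescanned with sufficient privileges.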