'.perl File Extension' Ransomware

The '.perl File Extension' Ransomware is a ransomware Trojan that is used to force computer users to pay large amounts of money. The '.perl File Extension' Ransomware is a variation of Bart, a well-known threat that has been active for some time. The '.perl File Extension' Ransomware may be distributed as a file attachment in spam email messages with DOC, PDF or RAR file extensions. Corrupted spam emails associated with the '.perl File Extension' Ransomware may take the form of fake messages from social media platforms such as Facebook, Instagram or Twitter. The '.perl File Extension' Ransomware attack will include corrupted Java scripts and macros as part of the attack.

The Ransomware that can be an Unwanted and Harmful Guest of Your Account

When the victim opens the '.perl File Extension' Ransomware executable file, the '.perl File Extension' Ransomware will run on the victim's computer. One reason why the '.perl File Extension' Ransomware is so threatening is that the '.perl File Extension' Ransomware can work without administrator privileges and on a guest account. The '.perl File Extension' Ransomware also can carry out its attack without needing to connect to a Command and Control server, unlike other known ransomware Trojans like Crysis. The '.perl File Extension' Ransomware targets the following file types during its attack:

.123 | .3dm | .3ds | .3g2 | .3gp | .602 | .aes | .ARC | .asc | .asf | .asm | .asp | .avi | .bak | .bat | .bmp | .brd | .cgm | .cmd | .cpp | .crt | .csr | .CSV | .dbf | .dch | .dif | .dip | .djv | .djvu | .DOC | .docb | .docm | .docx | .DOT | .dotm | .dotx | .fla | .flv | .frm | .gif | .gpg | .hwp | .ibd | .jar | .java | .jpeg | .jpg | .key | .lay | .lay6 | .ldf | .m3u | .m4u | .max | .mdb | .mdf | .mid | .mkv | .mov | .mp3 | .mp4 | .mpeg | .mpg | .ms11 | .MYD | .MYI | .NEF | .odb | .odg | .odp | .ods | .odt | .otg | .otp | .ots | .ott | .p12 | .PAQ | .pas | .pdf | .pem | .php | .png | .pot | .potm | .potx | .ppam | .pps | .ppsm | .ppsx | .PPT | .pptm | .pptx | .psd | .rar | .raw | .RTF | .sch | .sldm | .sldx | .slk | .stc | .std | .sti | .stw | .svg | .swf | .sxc | .sxd | .sxi | .sxm | .sxw | .tar | .tbk | .tgz | .tif | .tiff | .txt | .uop | .uot | .vbs | .vdi | .vmdk | .vmx | .vob | .wav | .wb2 | .wk1 | .wks | .wma | .wmv | .xlc | .xlm | .XLS | .xlsb | .xlsm | .xlsx | .xlt | .xltm | .xltx | .xlw | .zip.

After encrypting the victim's files, the '.perl File Extension' Ransomware will change the encrypted files' extensions to '.perl' to identify them. The '.perl File Extension' Ransomware will drop an image file, 'recover.bmp,' and a text file, 'recover.txt' on the victim's Desktop, and on all directories where the '.perl File Extension' Ransomware encrypts data. These contain the following ransom note:

'!!! IMPORTANT INFORMATION !!!
All your files are encrypted.
Decrypting of your files is only possible with the private key, which is on our secret server. To receive your private key follow one of the links:
[Links to pages hosted on the TOR Network]
If all addresses are not available, follow these steps:
1. Download and install Tor Browser: https://torproject.org/download/download-easy.html
2. After successful! installation, run the browser and wait for initialization.
3. Type in the address bar: [Link to a personalized payment portal on the TOR Network]
4. Follow the instructions on the site.
!!! Your personal identification ID: [a 128-byte long string]'

The '.perl File Extension' Ransomware's ransom will vary depending on the volume of the attack and the value of the victim's files. On average, the '.perl File Extension' Ransomware's ransom demand will be around $500 USD. Computer users are advised not to pay this amount and instead recover their files from a backup.