'.perl File Extension' Ransomware
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
|Threat Level:||80 % (High)|
|First Seen:||October 25, 2016|
|Last Seen:||May 5, 2022|
The '.perl File Extension' Ransomware is a ransomware Trojan that is used to force computer users to pay large amounts of money. The '.perl File Extension' Ransomware is a variation of Bart, a well-known threat that has been active for some time. The '.perl File Extension' Ransomware may be distributed as a file attachment in spam email messages with DOC, PDF or RAR file extensions. Corrupted spam emails associated with the '.perl File Extension' Ransomware may take the form of fake messages from social media platforms such as Facebook, Instagram or Twitter. The '.perl File Extension' Ransomware attack will include corrupted Java scripts and macros as part of the attack.
The Ransomware that can be an Unwanted and Harmful Guest of Your Account
When the victim opens the '.perl File Extension' Ransomware executable file, the '.perl File Extension' Ransomware will run on the victim's computer. One reason why the '.perl File Extension' Ransomware is so threatening is that the '.perl File Extension' Ransomware can work without administrator privileges and on a guest account. The '.perl File Extension' Ransomware also can carry out its attack without needing to connect to a Command and Control server, unlike other known ransomware Trojans like Crysis. The '.perl File Extension' Ransomware targets the following file types during its attack:
.123 | .3dm | .3ds | .3g2 | .3gp | .602 | .aes | .ARC | .asc | .asf | .asm | .asp | .avi | .bak | .bat | .bmp | .brd | .cgm | .cmd | .cpp | .crt | .csr | .CSV | .dbf | .dch | .dif | .dip | .djv | .djvu | .DOC | .docb | .docm | .docx | .DOT | .dotm | .dotx | .fla | .flv | .frm | .gif | .gpg | .hwp | .ibd | .jar | .java | .jpeg | .jpg | .key | .lay | .lay6 | .ldf | .m3u | .m4u | .max | .mdb | .mdf | .mid | .mkv | .mov | .mp3 | .mp4 | .mpeg | .mpg | .ms11 | .MYD | .MYI | .NEF | .odb | .odg | .odp | .ods | .odt | .otg | .otp | .ots | .ott | .p12 | .PAQ | .pas | .pdf | .pem | .php | .png | .pot | .potm | .potx | .ppam | .pps | .ppsm | .ppsx | .PPT | .pptm | .pptx | .psd | .rar | .raw | .RTF | .sch | .sldm | .sldx | .slk | .stc | .std | .sti | .stw | .svg | .swf | .sxc | .sxd | .sxi | .sxm | .sxw | .tar | .tbk | .tgz | .tif | .tiff | .txt | .uop | .uot | .vbs | .vdi | .vmdk | .vmx | .vob | .wav | .wb2 | .wk1 | .wks | .wma | .wmv | .xlc | .xlm | .XLS | .xlsb | .xlsm | .xlsx | .xlt | .xltm | .xltx | .xlw | .zip.
After encrypting the victim's files, the '.perl File Extension' Ransomware will change the encrypted files' extensions to '.perl' to identify them. The '.perl File Extension' Ransomware will drop an image file, 'recover.bmp,' and a text file, 'recover.txt' on the victim's Desktop, and on all directories where the '.perl File Extension' Ransomware encrypts data. These contain the following ransom note:
'!!! IMPORTANT INFORMATION !!!
All your files are encrypted.
Decrypting of your files is only possible with the private key, which is on our secret server. To receive your private key follow one of the links:
[Links to pages hosted on the TOR Network]
If all addresses are not available, follow these steps:
1. Download and install Tor Browser: https://torproject.org/download/download-easy.html
2. After successful! installation, run the browser and wait for initialization.
3. Type in the address bar: [Link to a personalized payment portal on the TOR Network]
4. Follow the instructions on the site.
!!! Your personal identification ID: [a 128-byte long string]'
The '.perl File Extension' Ransomware's ransom will vary depending on the volume of the attack and the value of the victim's files. On average, the '.perl File Extension' Ransomware's ransom demand will be around $500 USD. Computer users are advised not to pay this amount and instead recover their files from a backup.