RagnarokCry Ransomware

Most authors of ransomware opt to base their creations on already existing data-locking Trojans by borrowing their code. There are cyber crooks who develop their own file-encrypting Trojans from the ground up, but these often tend to have a variety of issues and are sometimes completely useless. However, this is not the case with the RaganrokCry Ransomware. The creators of this ransomware threat have done a good job, and the RaganrokCry Ransomware is fully functional.

Propagation and Encryption

Most creators of ransomware threats rely on several popular means of propagation – fake application downloads and updates, torrent trackers, malvertising campaigns, bogus pirated software and media, spam emails containing macro-laced attachments, etc. Once the RaganrokCry Ransomware sneaks into your computer, it will scan the files that are present on your system and mark them for encryption. Then, the encryption procedure will be triggered, and all the targeted files will be locked swiftly. It is likely that the RaganrokCry Ransomware goes after a long list of file types to ensure maximum damage, as this will increase the chances of the user paying up. The locked files’ names will be changed because the RaganrokCry Ransomware applies a ‘.ragnarok_cry’ extension to them. This means that if you had called a file ‘coffee-mug.jpg,’ the RaganrokCry Ransomware will rename it to ‘coffee-mug.jpg.ragnarok_cry.’

The Ransom Note

In the next step of the attack, the RaganrokCry Ransomware drops a ransom note located in a file named ‘How_To_Decrypt_My_Files.txt.’ To convince the victims that they have a working decryption key, the attackers offer to decrypt one file for free, provided that it does not exceed 3MB in size. The creators of the RaganrokCry Ransomware do not mention a specific ransom fee. The creators of the RaganrokCry Ransomware provide an email address as a means of communication - ‘asgardmaster5@protonmail.com.’ Contact the cyber crooks and cooperate with them is not recommended. These individuals are not honest, and a large number of victims who pay the ransom fee demanded never receive the decryption tool they were promised. This is why you should consider obtaining a reputable anti-malware application that will keep your computer and your data secure.