Try2Cry Ransomware

Try2Cry Ransomware Description

The Try2Cry Ransomware is a Trojan that was created with the objective of encrypting pictures, documents and Microsoft Office files. The Try2Cry Ransomware is a member of the Stupid Ransomware family, an open-source ransomware on Github with several variants, and its attack is easy to spot due to the shortcuts in Arabic it creates. The Try2Cryal Ransomware also renames the locked files by including the file extension '.Try2Cry' to the files it chooses to encrypt. The Try2Cr Ransomware has an interesting feature, which is its capacity to infect and trying to spread to other victims' devices via USB flash drives. This distribution method also was used by the Andromeda Botnet and the Spora Ransomware.

The Try2Cry Ransomware will send a copy of itself, which is name'Update.ex,' to the root folder of each USB flash drive it finds on the targeted machine. After finishing this step, it will conceal these files on the removable drive, and in their places, it will put Windows shortcuts (LNK files) using the same icon.

The Try2Cry Ransomware uses a Rijndael symmetric key to encrypt its victims' files, as well as a hardcoded encryption key.

If there is a possibility that your files have been encrypted by the Try2Cry Ransomware, we have good news: the Try2Cry Ransomware is decryptable for free since security researchers have released a decryptor that can be used on all the Stupid Ransomware family members. Just do not forget to delete the Try2Cr Ransomware, as well as all of its components from your machine by using a trustable security tool.