Santa Encryptor Ransomware is dubious file-encrypting virus that can be identified as ransomware. It is mainly created by cyber criminals with main motive to make illegal benefit from infected users. Cyber security researcher noted that it is the variant of HiddenTear ransomware project. Once it enters, it will scan the whole system and encrypt your various data or file and demand ransom for its decryption key. It uses the combination of AES and RSA encryption algorithm to encrypt the file and append the file name as random file name extension. After encryption, it will create a ransom note in the form of TEXT or HTML and put it in each folder containing encrypted files and payment method to buy decryption key. According to ransom note, it contains a short message about encrypted files and payment method to buy decryption key.
Santa Encryptor Ransomware is mainly distributed through spam email attachments, via exploit kits, Peer-to-peer sharing of network, freeware and shareware download and much more. Cyber crooks demand ransom in the form of digital currency known as Bitcoins and encourage users to buy decryption key from designated wallet address. The decryption key is stored in the server of cyber criminals. They can also warn users that if you not make payment in given time then you will lose your file permanently. After invading the PC, Santa Encryptor Ransomware makes new registry entries in Window Registry to achieve high level persistence that can allow other malware threats into the system. It can also block Window Firewall and other security tools to hide in the system for a long time.
It is strongly recommended that never make any type of payment to the cyber crook. It is not sure that you will successfully receive decryption key after making payment. Once you make payment, you will automatically connect to the cyber criminals. Through this data locking virus, cyber crooks monitor your online activities and steal the privacy for improper use. Therefore, it is hardly advised you to remove Santa Encryptor Ransomware from the PC quickly as possible.