Hells Ransomware

What is Hells Ransomware?

At the time of research, Hells Ransomware was demanding a ransom of 350 USD to be paid in Bitcoins. The ransom note created to support this malware was ordering to transfer this large sum to a special Bitcoin Wallet, 1Hp8VBKehCPBvArm6VRUWzPCte3EgdjYiY. According to the note, that was the only way to get files back. Unfortunately, this malicious ransomware could encrypt files, and, using that, it could push victims into paying the ransom. Though the infection did not work when our research team tested it, there is a possibility that it will be upgraded in the near future. Since the status of the infection is undetermined, Anti-Spyware-101.com researchers advise looking at your files if any ransom payment demands are made. In the best case scenario, you discover that your files are not corrupted, and then you can delete Hells Ransomware without further delay. In the worst case scenario, you realize that your files were corrupted and that you cannot do anything to recover them.test

How does Hells Ransomware work?

Hells Ransomware might spread using corrupted spam email attachments, but other methods could be employed as well, and so it is very important to take all measures to keep malware away. If the threat finds a way into your operating system, it does not introduce itself to the victim right away. First, it has to encrypt files, and it does that silently to ensure that you cannot stop it. Additionally, the infection creates files. One of them is a file named “RADIATION.bin”, and it should be created on the Desktop. The purpose of this file is still quite mysterious, and we are still testing in. If any important details are discovered, we will update this report immediately. The second file we need to mention is called “memes.jpeg”, and this file is placed in the %TEMP% directory. Once the malicious Hells Ransomware encrypts files, it changes the Desktop background image to showcase “memes.jpeg”. This image file represents a white-faced figure with a black hood, as well as a ransom message demanding a payment of 350 USD. Notably, this message represents the infection with a different name, “Uefi Ransomware.”

The last file that Hells Ransomware creates is called “decrypt.txt”, and the background image file points to this file for more information. According to our research, this TXT file should represent the same ransom demands as the JPEG file. So, what about the ransom? Can you recover your files by transferring 350 USD in Bitcoins to 1Hp8VBKehCPBvArm6VRUWzPCte3EgdjYiY? That is very hard to answer, but the odds are against you. The creators of ransomware are not interested in decrypting files. They are only interested in making you pay a ransom, and to achieve that they can make all kinds of promises and threats. As you might have figured out by now, it is most likely that your files would not be decrypted if you paid the ransom requested by Hells Ransomware creators or fulfill other demands. So, what should you do? Unfortunately, you do not have many options. You can try working with a professional, but it is unlikely that anyone will get your files decrypted. Alternatively, if you have backups, you can delete the corrupted copies, remove the ransomware, and then transfer personal files onto your PC from backup.

How to delete Hells Ransomware

Removing Hells Ransomware is very important, but, unfortunately, it can be tricky too. Since we do not know exactly how this threat invaded your operating system – if it has at all – we cannot tell you where to look for the installer or what kind of name it uses. Hopefully, you can remove the infection using the instructions below, but if you cannot, do not hesitate to employ anti-malware software. In fact, even if you choose to delete Hells Ransomware manually, you should consider installing this software anyway. Why? Because it can ensure full-time protection, and, without a doubt, that is very important if you wish to keep malicious threats away in the future. Another thing you need to keep in mind is that malware can use disguises, and malware distributors can use all kinds of tricks to ensure that malicious threats are infiltrated successfully. If you do not want to face malware again, you need to be careful at all times.

Removal Guide

  1. Locate and Delete the launcher of the malicious ransomware.
  2. Tap Win+E to launch Explorer and then enter %TEMP% into the bar at the top.
  3. Delete the file named memes.jpeg and then restore the usual background image.
  4. Move to the Desktop and then Delete the file named RADIATION.bin.
  5. Delete the file named decrypt.txt and then Empty Recycle Bin. 100% FREE spyware scan and
    tested removal of Hells Ransomware*


Leave a Comment

Enter the numbers in the box to the right *