Planetary is a ransomware family that uses AES-256 to encrypt files, adding the extension ".mira", ".yum", ".Neptune", or ".Pluto" to files - the latter of which give this ransomware its name. The ransom note "!!!READ_IT!!!.txt" then asks the victim to contact "[email protected]".
The ransom note contains the following text:
!!! ATTENTION, YOUR FILES WERE ENCRYPTED !!!
Please follow few steps below:
1.Send us your ID.
2.We can decrypt 1 file what would you make sure that we have decription tool!
3.Then you'll get payment instruction and after payment you will get your decryption tool!
Do not try to rename files!!! Only we can decrypt all your data!