Click on screenshot to zoom
Danger level 9
Type: Trojans
Common infection symptoms:
  • Installs itself without permissions

Mole02 Ransomware

Mole02 Ransomware is one of the many malicious programs that have been devised to rip innocent users off. This infection will enter your system surreptitiously and then it will require that you pay the ransom fee for file decryption. Luckily, there is no need to do that because there is a public decryption tool available. Thus, you just need to remove Mole02 Ransomware from your computer, and that will be it. On the other hand, do not forget that there might be more unfamiliar intruders on your system. To make sure you get rid of them, invest in a licensed antispyware application.

This program probably spreads through spam emails. That is the most common method of ransomware distribution, so it is not surprising that Mole02 Ransomware employs it, too. At the same time, we often find this way of distribution rather frustrating. That is so because it is possible to avoid getting infected with ransomware, but users often do not recognize the signs that may point out to a malware infection. In this article, however, we will tell you more about the things that may point out to a ransomware infection, and how you could avoid it. The main thing you need is attention.

We receive countless spam emails every single day. Depending on our email service provider, those emails could be filtered into our inbox or Junk box. It is a lot more likely that users who employ email providers without such filters will be more exposed to potential infections. At the same time, you should also know what kind of messages could prove to be dangerous. When you have an email that supposedly carries an important document, you should know who sent that document and why they want you to open it. If the mail message is random, and you do not recognize the sender, it would be only for the best to remove it at once.

We also always emphasize the fact that you can scan the email attachment before opening it. If your security program is updated, it should detect something suspicious if it is really a ransomware installer file. On the other hand, if you fail to avoid the infection, Mole02 Ransomware will enter your system, and it will encrypt your files. Of course, it does not encrypt every single file it finds on your system, but you can be sure that the infection will successfully stop you from accessing your main files.

It will be easy to see which files were affected by the infection because Mole02 Ransomware will add the “.MOLE02” extension to each filename. Not to mention that you won’t be able to open the encrypted files, and in every single folder with the affected files you will find the _HELP_INSTRUCTION.TXT ransom note that will tell you about the encryption. Here is an extract from the note:


All of your files are encrypted with RSA 2048 and AES-128 ciphers.
More information about the RSA and AES can be found here:

From this excerpt, we can see that Mole02 Ransomware uses the RSA and AES encryption algorithms, so it is virtually impossible to restore the affected files unless you have the original decryption key. Further, in the message, the infection tells you to download the Tor browser and access a given address, where you should follow the instructions found on the site. It is very likely that the program will ask you to pay the ransom in Bitcoins, like most of the CryptoMix family infections (CryptoShield Ransomware, Revenge Ransomware, and so on), do. Needless to say, you should not pay a single cent.

There is no need to pay because, as we have already told you, there is a public decryption tool that will help you restore your files. You can find this tool by searching “Mole02 Ransomware decrypt” on the web. What’s more, even if there were no decryption tool, paying the money to these criminals would only encourage them to continue their malicious acts.

Therefore, you need to remove Mole02 Ransomware right now, following the instructions you will find below. If you do not feel confident about the manual removal, you can also delete the infection with an automatic antispyware tool. Simply choose the option that fits you the best.

How to Remove Mole02 Ransomware

  1. Press Win+R and type regedit. Click OK.
  2. Go to HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
  3. On the right side, right-click the 00AE0EBCF2F2 and 0EBCF2F2* values.
  4. Select Delete and go to HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce.
  5. Right-click the *0EBCF2F2 value and remove it.
  6. Close Registry Editor and press Win+R.
  7. Type %AppData% into the Open box and click OK.
  8. Delete the 0EBCF2F2.exe file.
  9. Scan your computer with SpyHunter.

* Please note that the file name for the executable file will be random.

Download Spyware Removal Tool to Remove* Mole02 Ransomware
  • Quick & tested solution for Mole02 Ransomware removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.