Click on screenshot to zoom
Danger level 6
Type: Trojans

Sicck Ransomware

Photos, family videos, work documents, file archives, and various other kinds of files might be encrypted by Sicck Ransomware if this malicious threat finds its way into your operating system. The infection, according to our researchers, is most likely to be introduced to Windows users via file attachments sent via misleading spam emails. If the infection corrupts a computer that is part of a larger network, it can scan that network to see if other vulnerable computers exist. Specifically, the infection looks for outdated systems with a Shadow Brokers SMB vulnerability. It can be exploited by the ransomware to spread inside the network. It has been used for the attacks of the well-documented WannaCry Ransomware as well. Of course, there is no need to explain that deleting Sicck Ransomware is important, but if you do not know what you need to do before that, you should continue reading. In this report, you will also find useful information on the different removal methods you could employ.

The goal that the creator of Sicck Ransomware has is to trick the victim of the infection into thinking that they can purchase a decryptor/decryption key. During the encryption, the ransomware modifies the files to make them unreadable, and it also changes their names. While the original name and extension remain, they are sandwiched by two extensions created by the infection. The first one - [] – is put at the front, and the second one – .sicck – is appended at the end. There is nothing you can do manually to restore these files back to normal. If you have backups online or on external drives – which is your only option of “recovering” them – you want to delete the copies corrupted by Sicck Ransomware, remove the infection itself, and then, if you need it, transfer the backup copies onto the clean computer. Unfortunately, victims who do not have backups might think that they can recover files by paying the ransom requested by the infection’s developer.

The ransom is set at 1 Bitcoin. During the extent of our analysts, 1 BTC converted to around 4000 US Dollars. That is not the kind of money you want to waste, do you? Unfortunately, you would be wasting it by paying the ransom. The developer of Sicck Ransomware requests the ransom via a file named “How__to__decrypt__files.txt.” The request is represented in English, Chinese, and Korean, which suggests that the attackers are ready to target Windows users all over the world. The ransom note instructs to send the ransom in 3 days to a dedicated Bitcoin Wallet (3QxVmxcyVcqDpuVJ8QTSy83BbWvZvCoYcV). So far, no one has transferred money, which is good news. If you were the pay the ransom, you would also be asked to email and for confirmation, which would expose your email address too! Without a doubt, we do not recommend getting involved. Cyber attackers have malicious intentions only, and their promises to decrypt files are, most likely, empty. Unfortunately, it appears that the only thing you can do is remove Sicck Ransomware.

The instructions you can see below are designed to help you understand the manual Sicck Ransomware removal process. As you can see, we cannot give you the exact name or location of the file that executes the threat, and that is because this is pretty random. The filename can be unique in every case, and the location depends on where, for example, you open email attachments. If you are inexperienced, deleting Sicck Ransomware manually might be quite challenging. The good news is that you do not actually need to remove the threat manually.

Instead, you can use anti-malware software. Reliable and legitimate software can automatically erase all existing threats and ensure that you do not leave anything behind by accident. That is definitely something you need to think about if you proceed with manual removal. While the ease of removal is definitely a good reason to install anti-malware software, it is most useful in terms of protection against malware attacks in the future. If you do not want to deal with ransomware and other threats in the future, go ahead and install trustworthy anti-malware software ASAP.

Sicck Ransomware Removal

  1. Right-click and Delete the .exe file that launched the infection.
  2. Right-click and Delete the files created by the ransomware in %HOMEDRIVE%:
    • Sicck.exe
    • How__to__decrypt__files.txt
  3. Empty Recycle Bin.
  4. Install a malware scanner and run it to have your operating system checked for malware leftovers.
Download Spyware Removal Tool to Remove* Sicck Ransomware
  • Quick & tested solution for Sicck Ransomware removal.
  • 100% Free Scan for Windows


  1. Ramonita Jan 17, 2019

    I am sure this post has touched all the internet viewers,
    its really really nice post on building up new web site.
    I could not resist commenting. Very well written! I could not refrain from commenting.
    Exceptionally well written!

  2. Teodoro Jun 5, 2020

    Howdy! I know this is kinda off topic but I was wondering which blog platform are you
    using for this site? I'm getting sick and tired of Wordpress
    because I've had issues with hackers and I'm looking at options for another platform.
    I would be great if you could point me in the direction of a good

  3. Blythe Jun 10, 2020

    Good post. I learn something totally new and challenging on sites I stumbleupon everyday.
    It's always interesting to read through articles from other writers and practice a little something from their

  4. Billy Jun 20, 2020

    Marvelous, what a web site it is! This web site gives
    useful information to us, keep it up.

  5. Rena Jun 21, 2020

    You really make it seem so easy with your presentation but I
    find this matter to be actually something which I think I would never understand.
    It seems too complicated and extremely broad for me.

    I am looking forward for your next post, I will try to get the hang of

  6. Leora Jun 21, 2020

    Hi there, of course this piece of writing is really pleasant and I have learned
    lot of things from it regarding blogging. thanks.

  7. Esther Jun 22, 2020

    Your style is very unique compared to other folks I have read stuff from.
    Many thanks for posting when you have the opportunity, Guess
    I will just book mark this blog. abudhabicl*****

  8. Quincy Jun 24, 2020

    Hi outstanding blog! Does running a blog such as this require
    a great deal of work? I have very little expertise in programming but I had
    been hoping to start my own blog in the near future. Anyways,
    should you have any suggestions or tips for new
    blog owners please share. I understand this is off subject nevertheless I simply needed to ask.
    Thanks a lot!

  9. Celsa Jun 24, 2020

    Your style is really unique in comparison to other folks I have read stuff
    from. Thank you for posting when you've got the opportunity,
    Guess I will just bookmark this site.

  10. Breanna Jun 25, 2020

    I'm really enjoying the theme/design of your website.

    Do you ever run into any web browser compatibility issues?
    A handful of my blog audience have complained about my blog not operating correctly in Explorer but looks great in Chrome.
    Do you have any tips to help fix this

  11. Boyce Jun 26, 2020

    Excellent blog here! Also your web site loads up very fast!
    What web host are you using? Can I get your affiliate link to your host?
    I wish my site loaded up as fast as yours lol judi casino sbobet

  12. Noreen Jun 26, 2020

    Hi there, just became aware of your blog through Google, and found that it is really informative.
    I'm going to watch out for brussels. I will be grateful if you continue this in future.
    A lot of people will be benefited from your writing.

  13. Isabella Jul 5, 2020

    Link exchange is nothing else except it is simply placing the other person's web site link on your page at
    proper place and other person will also do same for

  14. Maximilian Jul 14, 2020

    Thankfulness to my father who stated to me regarding this web site,
    this webpage is actually awesome.

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.