Unlock92 targets Windows OS and the method of distribution is currently unknown. For each victim, Unlock92 creates one random 64-character hexadecimal password and then locks files using symmetric AES encryption. Files encrypted by Unlock92 are appended with .CRRRT. Security researchers have determined that Unlock92 was created by the author of the Kozy.Jozy variant.

UPDATE 3/7/2017: A new version drops a ransom note named READ_ME_!.txt.

  • Softpedia provides more information about Unlock92 here.
  • Bleeping Computer provides a free decryption tool for Unlock92 here.