Emsisoft Decrypter for Planetary will help to decrypt files held hostage by the Planetary ransomware also known as Mira and Pluto.

Emsisoft Decrypter for Planetary will help to decrypt files held hostage by the Planetary ransomware also known as Mira and Pluto.

The Planetary ransomware family leverages AES-256 to encrypt files and adds one of the following extensions .mira, .yum, .Neptune, or .Pluto to your files. The latter of which provided this ransomware its name. The ransom note "!!!READ_IT!!!.txt" will instruct the victim to contact getmydata @ india.com.

Here is an example of the ransom note text:



The decrypter requires access to a ransom note left by the malware, typically called “!!!READ_IT!!!.txt”

You should run Emsisoft Decrypter for Planetary as an administrator for proper results. The decrypter will display the reconstructed encryption details once the recovery process has finished. The display is purely informational to confirm that the required encryption details have been found. Once a key is detected, click OK to open the primary decrypter user interface.

By default, Emsisoft Decrypter for Planetary will pre-populate the locations to decrypt with the currently connected drives and network drives. Additional locations can be added using the Add button.

After you have added all the locations you want to decrypt to the list, click the Decrypt button to start the decryption process. The screen will switch to a status view, informing you about the current process and decryption status of your files.

Emsisoft Decrypter for Planetary will notify you that the decryption process is complete. If you require a report for your records, you can save it by clicking the Save log button. You also have the option to copy it straight to your clipboard for use in emails, forum posts, etc., if needed.

 Download