Aliases: DearCry (other)
Microsoft Defender Antivirus detects and removes this threat.
This ransomware is deployed by human operators after initially compromising the device using a malicious web shell. The web shell then creates a batch file, Trojan:BAT/Wenam.A, that allows attackers to move laterally in, and steal credentials from the compromised system. The ransomware then encrypts files, making them inaccessible.
For information about other human-operated ransomware campaigns, read these blog posts:
There is no one-size-fits-all response if you have been victimized by ransomware. To recover files, you can restore backups. There is no guarantee that paying the ransom will give you access to your files.
Microsoft Defender Antivirus automatically removes threats as they are detected. However, many infections can leave remnant files and system changes. Updating your antimalware definitions and running a full scan might help address these remnant artifacts.