Alma Locker encrypts a victim’s data and then demands a ransom of 1 bitcoin within five days. The ransom note contains links to the TOR payment site and a link to download a decryptor. At this time there are no known weaknesses that can be exploited to decrypt files for free. Ransomware still has some bugs in its implementation, but it is one of the few few released lately that has a working TOR command & control server and a secure encryption algorithm. The payload includes a random 5 character extension that will be appended to encrypted files.
Source: https://www.bleepingcomputer.com/news/security/new-alma-locker-ransomware-being-distributed-via-the-rig-exploit-kit/