GetCrypt is a ransomware released by the RIG exploit kit, which encrypts victim's files using Salsa20 and RSA-4096. It adds a random 4-character extension to the files that is unique to the victim. It attacks vulnerable Windows PCs set to any language, except Russian, Ukrainian and a few others, probably indicating its origins in doing so.