Depends on the particular malware, but generally it will direct you to a (tor) website explaining the details, often with newbie-friendly guides on how to set up the accounts needed to buy and transfer bitcoin.
They generally do offer a way to decrypt, it's a long term business for them, not a one-time prank; and the results matter - first, the "audience" who are willing and able to pay generally have multiple devices, and they won't pay for the dozen other devices if the first "trial" device isn't successfully decrypted, and second, the infection spreads over victim's contacts - so your buddy who also got the malware managed to decrypt, you're more likely to pay, and if your buddy paid and failed to decrypt, the crooks won't get a dime from you.
There are all kinds of options. For example, one piece of malware offered to decrypt two files of your choosing for free when you contacted them, just to show that they can do so, as a 'teaser' before paying the full amount.
Besides, why wouldn't they decrypt? It's not like it costs them anything or takes much effort; if they have the ability but wouldn't send the keys, then that's just hurting their business "PR/advertising" for no reason whatsoever.
They generally do offer a way to decrypt, it's a long term business for them, not a one-time prank; and the results matter - first, the "audience" who are willing and able to pay generally have multiple devices, and they won't pay for the dozen other devices if the first "trial" device isn't successfully decrypted, and second, the infection spreads over victim's contacts - so your buddy who also got the malware managed to decrypt, you're more likely to pay, and if your buddy paid and failed to decrypt, the crooks won't get a dime from you.
There are all kinds of options. For example, one piece of malware offered to decrypt two files of your choosing for free when you contacted them, just to show that they can do so, as a 'teaser' before paying the full amount.
Besides, why wouldn't they decrypt? It's not like it costs them anything or takes much effort; if they have the ability but wouldn't send the keys, then that's just hurting their business "PR/advertising" for no reason whatsoever.