When first installed, KeRanger will run in the background and then kick in 3 days later. Once started it will scan your computer for targeted file extensions and encrypt them using AES Encryption.
At this time there is no known way to decrypt the files for free.
Detailed analysis can be found here: Information about the KeRanger OS X Ransomware and How to Remove It.