A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #28582  by xors
 Sun May 29, 2016 7:02 pm
Saw this new ransomware which was detected by microsoft.

https://www.hybrid-analysis.com/sample/ ... af65f32b8f

https://malwr.com/analysis/YmM3NTRmZTI3 ... RkM2E3YWQ/

It uses some old tricks in order to spread through removable drives.

For more information see https://www.microsoft.com/security/port ... ZCryptor.A

Also there is a PDB path inside the executable: C:\Users\Asus\Desktop\MyEncrypter2Mod3Window\Release\MyEncrypter2.pdb
Attachments
(396.75 KiB) Downloaded 118 times