Ransomware information(11ea) on Aug. 31 ~ Sep. 7. 2016

- Ransomware files : 3e387e94368.zip, 0a64ca35454a.zip, ae40c25cae4.zip, 4cb6c10824f.zip,
1d893c4cf3a.zip, 9e0b426842.zip, 8b448fa6a2.zip, 3a03f3530a1.zip,
72cb7e3d5dcc.zip, d3c5406f9bd1.zip, f7058a04a9.zip.

- Ransomware codes : 2DC3CC21_bank_transactions.js, 1D05F09E_flight_tickets.js,
2F8D30AD_shipping_service.js, Travel_expense_sheet_85C2C83B.js,
255B8AF9_flight_tickets.js, office_facilities_0FC93CC1.js,
credit_card_receipt_C15ADE63.js, August_invoice 6EAC151A. pdf~.js,
utility_bills_copies E66A49E2.js(2), 2DC14A55 agreement_form_doc.js.

- Process : C:/Windows/System32/rundll32.exe

- Remarks : The attack which is using the noraml rundll32.exe in System32 folder.

- It is possible to real-time block by RansomFree