TrueCut Security,Inc.

Next_Gen Endpoint Protection
trueEP

News

최신뉴스
Title Today's ransomware - odin
Name Operator Date 2016-09-27 View 1045
File 파일 Today ransomware_20160927.pdf

It is a windows script file and call a rundll32 process.

So, it seem to be a Locky subspecies.


However, extension of files were changed to "odin" not "zepto".


C & C server IP is in Russia.


It was blocked by TrojanCut.


이전글   다음글