Analysis of CryptFile2 Ransomware Server

December 14, 2016 Curt Wilson

Download ASERT Threat Intelligence Report 2016-06 here This report describes several elements of a ransomware staging system using the Nemucod malware to deliver CryptFile2 (aka Hydracrypt.A and Win32/Filecoder.HydraCrypt.C) ransomware, an ongoing threat since at least mid-March of 2016. This report reveals TTP’s (tactics, techniques, procedures) of threat actors, including insight derived from limited interactions via e-mail. […]


Previous Article
On the Economics, Propagation, and Mitigation of Mirai

By Kirk Soluk and Roland Dobbins In late November of 2016, a new Mirai variant emerged that leveraged a pro...

Next Article
Diving Into Buhtrap Banking Trojan Activity

Cyphort recently published an article about the Buhtrap banking trojan [