CryptoMix’s new variant
A new variant of CryptoMix Ransomware has been discovered which appends.WORK extension to the encrypted files and changes the contact emails used by the ransomware. Previously, ransomware used to provide a single point of contact for providing the decryptor services, however, this CryptoMix variant has provided multiple IDs, which clearly suggest that ransomware is now trying to be resilient to kill-switches.
IoC
File Hash : 69fa88c5b353f55edbb7187c090bee377e54900e1c78c580d7b3b3084c9d7d0b
Detection Name : Gen:Variant.ransom.CryptoMix.2
Remediation
eScan users are already protected against the CryptoMix Ransomware, thanks to our PBAE technology. It is recommended that the foremost strategy should be to take regular backup of important files.
Screenshots
Click here to know more about how to use PBAE Technology to resist ransomware