I need a solution
Hi all,
One of customers have been infected with one variant of @ransomware that no change extension files, so only way to monitor is control MD5 of honeypot files.
I did not found a lot of information so I share with you, looks like other vendor call it CrypMIC, by the Neutrino Exploit Kit.
If any more information is avalaible, please share.
You can find a DLL in tmp DIR.
Thanks,
@rider
0