- Aug 7, 2016
- 228
The latest Locky added extension .odin!
Last edited by a moderator:
Locky Ransomware ext.odin - Demonstration of attack
- Thread starter GrujaRS
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Two things I noticed:
1) The Malware is flying under the radar after triggering wscript.exe. Used / hijacked rundll32.exe might not be suspicious on first glance (VT 0).
2) In case HMP.A Anti-Ransom isn't deactivated, they should address this weakness.
Thank you for sharing @CyberSecurity GrujaRS!
1) The Malware is flying under the radar after triggering wscript.exe. Used / hijacked rundll32.exe might not be suspicious on first glance (VT 0).
2) In case HMP.A Anti-Ransom isn't deactivated, they should address this weakness.
Thank you for sharing @CyberSecurity GrujaRS!
Similar threads
