Analysis of Ransomware spread by JavaScript

Summary: The sample is a JavaScript file. After execution, it downloads a BAT file and an EXE file and runs them, traverses the computer’s files, and encrypts files with 80 kinds of extensions, including documents, pictures, and media. After encryption, it asks for 0.5 BTC to decrypt the files. The malware author embeds malicious JavaScript in any kind of input data passed to an application that understands it; the application may be a PDF, SWF, etc. ...

June 6, 2016 · 4 min · 715 words · Melted in Hex