Global frightening ransomware "WannaRen"
in Malware area
I was recently informed of this news and immediately contacted the employees of Bitdefender
But I think that maybe this is not enough, I just published an article here
This sample comes from: https://url.cn/5iVus2U
Sample download address: https://www.lanzous.com/ib3v25c (please note that the file does not have a compressed password)
This is a ransomware that makes the world frightened. It is said that it can make all antiviruses, such as Kaspersky, Avast, Avg, including our Bitdefender, fall.
It is said that Bitdefender has recently been updated, and there is a special project for this purpose. However, we may only get samples, and the virus itself is needed.
1
Comments
Update, we found the virus ontology, this is really a big discovery
Ontology: https://www.lanzous.com/ib4ok4d
WINWORD.EXE and wwlib.dll should be put under C: \ ProgramData, you put it under C: \ Users \ Public
Downloaded by this Powershell downloader
Decryptor:
https://www.lanzous.com/ib193xc
Encrypted files and extortion letters:
https://www.lanzous.com/ib39oah
https://www.lanzous.com/ib39o8f
Hi There,
Are you currently facing any issue.
Below is the virustotal link for the sample you provided : https://www.virustotal.com/gui/file/4dddf6b5ed32ba0330bd9050da6bd78848433a178b51eea4040e539c23f37c39/detection
Regards
Flex