all InfoSec news
CryptoWire with Decryption Key Included
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab SEcurity intelligence Center (ASEC) recently discovered the distribution of CryptoWire, a ransomware that was once viral in 2018.
Figure 1. CryptoWire Github
CryptoWire is mainly distributed via phishing emails and is made using Autoit script.
Main Features
The ransomware copies and pastes itself in the path “C\Program Files\Common Files,” and registers a schedule to the task scheduler to maintain persistence.
Figure 2. Registering a task schedule
Figure 3. Registered task schedule
The malware explores the local and connected network …
ahnlab asec autoit center cryptowire decryption decryption key distributed distribution emails features files github intelligence key main malware analysis path phishing phishing emails program ransomware schedule script security security intelligence viral