all InfoSec news
TZW Ransomware Being Distributed in Korea
Malware Analysis, News and Indicators - Latest topics malware.news
Through internal monitoring, the ASEC analysis team recently discovered the distribution of the TZW ransomware, which encrypts files before adding the “TZW” file extension to the original extension.
This ransomware is being propagated with the version info marked as “System Boot Info”, disguising itself as a normal program file related to boot information.
Figure 1. File version info
It was created in a .NET format and includes a loader and the actual ransomware data within it. It ultimately loads and …
analysis asec boot data distributed distribution extension file files info information internal korea loader malware analysis monitoring program ransomware system team version