The Long Run of Shade Ransomware
Security Affairs
FEBRUARY 19, 2019
The phishing email contains a.zip file named “slavneft.zakaz.zip”, which means something like “slavneft order” in English, showing a direct reference to “Slavneft”. Shade encrypts all the user files using an AES encryption scheme. Background of the infected machine, after encryption phase. Technical analysis.
Let's personalize your content