Trend Micro researchers spotted a ransomware imitating Locky being spread via spam emails targeting European countries particularly France.

Dubbed “PyLocky,” the malware’s ransom notes are written in English, French, Korean, and Italian while the ransomware itself features anti-machine learning capability making it notable due to its difficulty to analyze and detect posing a challenge to static analysis methods.

The ransomware also has and will sleep for 999,999 seconds or just over 11.5 days if the affected system’s total visible memory size is less than 4GB. After a victim’s files have been encrypted it will then generate an encryption key and establish communication with its command-and-control (C&C) server.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.