Bird_banner_small4
Trojan.Win32.Nemesis.A
TSL ID TSL20170712-02
Severity Moderate
Description

Trojan.Win32.Nemesis.A is a ransomware Trojan that targets the Windows platform. The malware collects system information and sends it to the remote server. The malware encrypts files on the infected system. It leaves the ransom note on the infected machine, with instructions to follow in order to get the files decrypted.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • FFEF8311B79B6362D1EABC2600D0106E
SHA1:
  • F7F648DC9A367940DD226B501A5C26A1557D0F33
Identifiers
Kaspersky
  • TROJAN-RANSOM.WIN32.CRYPTOFF.AF
McAfee
  • GENERIC.CDY
Symantec
  • RANSOM.CRYSIS
TrendMicro
AegisLab
  • MAL.SAGECRYPT.GEN!C
AhnLab
  • WIN-TROJAN/SAGECRYPT.GEN
ALYac
  • TROJAN.RANSOM.CRY36
Arcabit
  • TROJAN.GENERIC.D554378
Avira
  • TR/AD.BANDARCHOR.MCFKB
Baidu
  • WIN32.TROJAN.WISDOMEYES.16070401.9500.9998
BitDefender
  • TROJAN.GENERICKD.5587832
CAT-QuickHeal
  • TROJANRANSOM.CRYPTOFF
ESET
  • WIN32/KRYPTIK.FUGC
Malwarebytes
  • RANSOM.NEMESIS
Yandex
  • TROJAN.CRYPTOFF!
References https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-7th-2017-decryptors-notpetya-and-petya/
Related Threats