GandCrab Ransomware has started hiding under Javascript and Powershell (December 13, 2018)

SonicWall Capture Labs Research team recently observed a malware campaign delivering a GandCrab ransomware hiding under JavaScript and PowerShell. The ransomware is capable of encrypting the files when installed on the victims computer and ask for ransom to decrypt the files. This variant of GandCrab uses powershell.exe to load the payload dll in the memory…Learn More