SYMBOLCOMMON_NAMEaka. SYNONYMS
win.cryptopatronum (Back to overview)

CryptoPatronum

CryptoPatronum is a ransomware that encrypts user data through AES-256 (CBC) and it asks for BTC / ETH in order to get back the original files. In the ransom note there is not a title but only a reference to crsss.exe: its original file name. Once the files are encrypted, CryptoPatronum adds a .enc extension.

References
2020-01-25ID RansomwareAndrew Ivanov
cryptopatronum ransomware
CryptoPatronum

There is no Yara-Signature yet.