UPDATE 07/14/2017: A new version, dubbed NemucodAES, was discovered as part of a recent malicious email campaign masquerading as delivery notices from the United Parcel Service (UPS). This campaign attempts to install both the ransomware and the Kovter trojan on victims' systems.
- ReaQta has more information about Nemucod here.
- SANS ISC InfoSec Forums provides more information about NemucodAES here.
- A free decryption tool for Nemucod is available on GitHub here.
- Emsisoft also provides a free decryption tool for Nemucod here.
- Emsisoft provides a free decryption tool for NemucodAES here.