Posts tagged Alfa

Alfa, a new variant from the creators of Cerber, targets Windows OS and the method of distribution is currently unknown. Once executed, Alfa encrypts specific files and appends them with the extension .bin. It also maintains persistence by creating an autorun file (MSEstl) which launches the executable (msestl32.exe) every time the victim logs into Windows. It also deletes Shadow Volume Copies to prevent file restoration.

Read More