Posts tagged XRTN

XRTN targets Windows OS and encrypts files with RSA-1024 encryption using Gnu Privacy Guard (GnuPG) encryption software. XRTN spreads through spam emails containing malicious attachments disguised as Word documents. Once a victim opens the attachment, a JavaScript file executes and proceeds to download a GnuPG executable file, an actual Word document, and a batch file designed to encrypt files.

Read More