FTCODE is a fully PowerShell-based ransomware. It is distributed via malicious document files that contain macros or using VBScript to download and launch the malicious PowerShell script. FTCODE ransomware will scan a specific list of file extensions and encrypt them with Rijndael algorithm. Other than encrypting files, it will also steal sensitive data from the […]
The post VMware Carbon Black Threat Analysis: FTCODE Ransomware appeared first on VMware Carbon Black.