A day after we published our No Ransom campaign decryptor in the fight against the CoinVault ransomware, we were contacted by a fellow researcher from Panda, Bart Blaze. He kindly suggested that new variants of this dreadful ransomware were available and that he would happily share them with us. After obtaining the new MD5 hashes for the files, we set out to find more clues, more files, and to analyze what these new malware variants had to reveal: three malware families that had striking similarities with each other.
In the end we found some interesting surprises (for more details about what we found, please read on).
However, the best thing was that, based on our analysis, the National High Tech Crime Unit of the Dutch police was able to apprehend two suspects last Monday.