RansomEXX encrypt its victim files with 256-bit key using AES block cipher in ECB mode. The AES key is encrypted by a public RSA-4096 key embedded in the code and appended to each encrypted file. It is initially targeted toward Texas Department of Transportation. But its spread across Latin america where its biggest victims as of now is Brazil's Superior Court of Justice which was hit by a it during a judgment sessions that were taking place over video conference.
RansomEXX Ransomware Signatures
Family: Ransom:Win32/FileCoder.TX!MSR
MD5: fcd21c6fca3b9378961aa1865bee7ecb
SHA256: 4cae449450c07b7aa74314173c7b00d409eabfe22b86859f3b3acedd66010458
RansomEXX Ransomware Download