Sfile Ransomware current variant is for FreeBSD which is considered to a relatively secure operating system. It is targeting a partially state-owned company in China. The SFile ransomware uses the Mbed TLS library, RSA-2048 and AES-256 algorithms for file encryption. The ransomware does not have its own portal; the attackers communicate with victims via email.
sFile Ransomware Signatures
Family: Ransom:Linux/Filecoder.C!MTB
MD5: d63835926975c9620cf42c2f231c828f
SHA256: 49473adedc4ee9b1252f120ad8a69e165dc62eabfa794370408ae055ec65db9d
sFile Ransomware Download