A Deep-dive Analysis of VENOMOUS Ransomware


While conducting our routine Open-Source Intelligence (OSINT) research, the Cyble Research Labs came across ransomware known as VENOMOUS, which encrypts the user document files using AES 256 encryption and appends the extension of encrypted files as “.VENOMOUS”. Consequently, the ransomware demands that the victims pay ransom for a decryption tool to recover their data.

Based on analysis by Cyble Research Labs, we have observed that the executable .exe file is a console-based application that r…

Read More