Punisher Ransomware Spreading Through Fake COVID Site
The ransomware calls the following functions for encrypting the files in the Victim’s machine. ... The ransomware now downloads a .zip file containing the ransom note using a GET request from hxxp[:]//20.100.168[.]3[:]1974/alertmsg[.]zip and extracts it in the directory created in the above step. Malware: Punisher [View Article](https://blog.cyble.com/2022/11/25/punisher-ransomware-spreading-through-fake-covid-site/)