Cert IL Alert - GhostLocker latest activity
GhostLocker is a ransomware strain written in Python compiled by an open-source project named Nuitka. The malware targets Windows devices and encrypts files under a specific and configurable directory path. Once running the malware Nuitka drops a .EXE file and multiple .PYD files in TEMP directory. The .EXE file contains the original malwares source code in Python encoded in base64 for obfuscation.