SarinLocker is written by NecroSys, who is associated with FusionCore group. The threat actor group known as FusionCore is a relatively new and determined group, originating from Europe. The group is running Malware-as-a-service, along with hacker-for-hire services. They have a wide range of skills and rely on open-source tools to increase evasiveness in their malware toolkit. The current version of SarinLocker v1.0 may not be highly sophisticated, we anticipate that it is still undergoing development and expect that future versions will include enhanced capabilities.
Link to Research Report: https://www.cyfirma.com/outofband/sarinlocker-ransomware
https://www.cyfirma.com/
