On the heels of WannaCry we are seeing an uptick in a new ransomware family named Jaff and its associated IoC’s. The Jaff ransomware is taking pointers directly from Dridex and Locky’s playbook, which used malspam campaigns to deliver malicious PDF or Word attachments.
You can download all the IoC’s associated with Jaff from TruSTAR and make them part of your phishing and ransomware defense strategy. These IoC’s include malspam email headers, hashes of malicious attachments and pre and post infection traffic details.
Don’t hesitate to reach out with questions or concerns to the TS Responder team and click here to login to TruSTR