RedAlert Ransomware

RedAlert Ransomware
RedAlert ransomware or N13V ransomware targets both Windows and Linux VMWare ESXi servers in attacks on corporate networks. The ransomware is named after a string in the ransom text, but the threat actors internally refer to it as N13V, which is the original name of this threat. It uses NTRUEncrypt public-key encryption algorithm to encrypt its victim files. Only other known ransomware operator that uses NTRUEncrypt is FiveHands Ransomware. It ask ransom payment in Monero (XMR).

RedAlert N13V Ransomware Signatures

Family: Ransom:Linux/RedAlert.A!MTB
MD5: f2fa9a3ce883a7f5b43ba5c9ff7bdf75
SHA256: 039e1765de1cdec65ad5e49266ab794f8e5642adb0bdeb78d8c0b77e8b34ae09

RedAlert N13V Ransomware Download

Download RedAlert N13V Ransomware Sample