VERY IMPORTANT

A new ransomware uses an unusual symmetric encryption method named "Fernet". It is Python based and appends .CYRAT to encrypted files. While hunting for new malware we often use YARA rules to find suspicious samples. One of my generic ransomware hunt rules found this new ransomware sample. At the time it had only 2 detections on VirusTotal. The first submission date is 25. August 2020.