A major healthcare organization fell victim to Ransomware, and surely there are more high profile victims to come. Cyber criminals select targets that may give in to their demands, and targeting a major health care organization is more than likely going to generate a paid ransom. The emails usually contain a ZIP file which contains a malicious script/downloader. The downloader executes, encrypts targeted files and issues an HTTP POST to its Command and Control. This Teslacrypt / Locky ransomware campaign has recently morphed into a hybrid. The aforementioned domain hellomississmithqq[.]com was seen.”]
Source: https://blog.malwarebytes.com/threat-analysis/2016/03/teslacrypt-spam-campaign-unpaid-issue/