Ransomware called Venus Locker is one of the biggest cybersecurity threats in the world. It collects intelligence about the victims machine using the ip-api.com service and uses the SendInfo function to pass it to the command and control server. This malware does not use any protection layer (FUD/crypter) to try to help evade detection and make analysis more difficult. If targeted content is part of the FullCryptExtension list, extension will be Venusf (0x200 or 512) where the first or 512 bytes are targeted.”]
Source: https://blog.malwarebytes.com/threat-analysis/2016/08/venus-locker-another-net-ransomware/