Researchers spotted a massive ransomware campaign in which the threat actors developed a new intriguing evasion detection technique. This campaign generates new variants of the same malware in order to evade detection and becoming APT-grade in their sophistication. This seems to be a Euro-centric threat as these variants have been mostly seen in Spanish, Polish, Swiss and Turkish organizations. Fake icon especially PDF icon and bogus file name were used for all of the analyzed Kofer variants in an effort to deceive the recipient into double-clicking the file delivered to them.”]
Source: http://securityaffairs.co/wordpress/38493/cyber-crime/kofer-ransomware-campaign.html