AvosLocker is a relatively new ransomware, that was observed in late June and early July. Its authors started searching for affiliates through various underground forums. They announced a recruitment for pentesters with Active Directory network experience and access brokers which suggests that they want to cooperate with people who have remote access to hacked infrastructure. Each attacked directory has a ransom note dropped in it, named GET_YOUR_FILES_BACK. The ransom note is not generated during the deployment but hardcoded in the sample.”]