The criminal group Evil Corp is trying to mask its latest activity by using previously unknown ransomware called PayloadBin. The move is believed to be an attempt to confuse law enforcement and avoid sanctions imposed by the U.S. federal government against entities it believes are linked to Evil Corp. The group is widely associated with the info-stealing Dridex malware, which allowed the group allegedly to steal millions of dollars from a combination of capturing banking credentials and then making unauthorized transfers from the compromised accounts.
Source: https://threatpost.com/evil-corp-impersonates-payloadbin/166710/