Blog | G5 Cyber Security

How PureLocker Ransomware Bypasses AV Checks

PureLocker is written in the PureBasic programming language. So far it has shown up as a 32-bit Windows DLL, masquerading as a C++ cryptography library called Crypto++. It encrypts the files on the victim’s machine with the standard AES+RSA combination, using a hard-coded RSA key. PureBasic code is portable between Windows, Linux and OS X, which can make targeting different platforms easier for the attacker. The ransom note it then generates is unusual: it doesn’t ask for payment directly, but instead instructs the victim to contact the attacker via email.

Source: https://www.darkreading.com/abtv/how-purelocker-ransomware-bypasses-av-checks/a/d-id/755615
