MalwareHunterTeam has found an attachment used in a new Coronavirus phishing campaign that installs the Netwalker Ransomware. The malware is a ransomware formerly called Mailto that has become active recently as it targets the enterprise and government agencies. At this time there is no known weakness in the ransomware that would allow victims to decrypt their files for free. Victims will need to either restore from backup or recreate the missing files. The ransom note contains instructions on how to access the ransomware’s Tor payment site.
Source: https://www.bleepingcomputer.com/news/security/netwalker-ransomware-infecting-users-via-coronavirus-phishing/