A ransomware with the un-snappy moniker of 5ss5c has emerged on the scene and appears to be in active development. The malware is the successor to the Satan ransomware, which disappeared from the market a few months ago. Like Satan before it, it has an exclusion list of certain file types and folders that will remain unencrypted during the infection, including folders belonging to China-based security company Qihoo 360. It also has a different ransom demand M.O.: It creates a Chinese-language ransomware note on the C: drive called How to decrypt my file_.
Source: https://threatpost.com/satan-ransomware-reborn-chinese-businesses/151942/