AnteFrigus Ransomware is now being distributed through malvertising that redirects users to the the RIG exploit kit. Unlike other ransomware, it does not target the C: drive, but only other drives associated with removable devices and mapped network drives. It does not encrypt any files located on the D: drive or unmapped network shares. The ransomware will also create the C:qweasdtest.txt file, which is most likely used as a debug file. The ransom note will contain a link to the ransom note and become a little over 4 days after a payment becomes $1,995.
Source: https://www.bleepingcomputer.com/news/security/strange-antefrigus-ransomware-only-targets-specific-drives/