BlackSkull is a near clone of GhosHacker and Anonymous and is theorized to be an early version of AzzaSec. All four were created with the NoCry ransomware builder, based on the infamous WannaCry ransomware. However, this ransomware poses nowhere near the threat of WannaCry. In fact, there is almost no threat to individuals or victims: only one sample is known in the wild and, as stated above, it was likely an earlier version of another ransomware; it's a test ransomware. When the ransomware is executed, the wallpaper is changed to a simple message: "Oooops All Of Your Files Are Encrypted !". Two ransom notes are dropped. One is an HTML file with instructions for the victim, and the other is a process executed to provide more granular instructions. You can't miss it; it is invoked automatically and appears in the center of the screen almost immediately after the encryptor executes. Encrypted files have .BlackSkull appended to their names and are encrypted with AES. The threat actors ask for only $200 in ransom, which is significantly less than most other ransomware asks for.
Ransomware - BlackSkull
BlackSkull
Description
Ransomware Type
Crypto-Ransomware
First Seen
Last Seen
Extortion Types
Direct Extortion
Extortion Price Increases
Extortion Timeout
Extortion Amounts
Amount
$200
Communication
Medium
Identifier
Email
theshadowshackers@gmail.com
Encryption
Files
AES
Additional Encryption
SHA-512
Crypto Wallets
Blockchain Type
Crypto Wallet
BTC
39g9nRoWSjakg8uYfFrEQLjUPwQQRVPXDc
File Extension
<file name>.<file extension>.BlackSkull
Ransom Note Name
BlackHackerTools.exe
Recover_Your_Files.html
Ransom Note Image
References & Publications
PCrisk: BlackSkull Ransomware