Huntress analysts have previously observed INC ransomware being deployed, and recently observed this specific ransomware variant being deployed in a customer environment. The ransomware variant was identified, in part, through the threat actor’s efforts to verify that their deployment was effective, as illustrated through the following command line:
[.highlight]”C:windowssystem32NOTEPAD.EXE”[.highlight]…