SALAM Ransomware Behavior Analysis Challenges and Decryption
Bahaa Yamany, Marianne A. Azer
TLDR
This paper focuses on ransomware types, the malware analysis approaches used in detecting ransomware behavior, and the way ransomware affects the business of an organization, in order to understand Salam Ransomware behavior in an experimental lab simulation, the decryption mechanism used by this ransomware family, and how to break the decryption algorithm used by Salam Ransomware.
Abstract
Malware attacks the CIA triad of security: confidentiality, integrity, and availability. Some malware works autonomously, whereas other malware needs a host. Ransomware is a type of malware that holds files, devices, and other important assets hostage in exchange for money. Damage these days is not limited to file loss; it can extend to denial of service and disclosure of private data such as intellectual property and personnel information. Ransomware is getting more sophisticated, evolving from using malicious websites to having payloads used in targeted campaigns. These attacks are called Advanced Persistent Threats (APTs). This paper focuses on ransomware types, the malware analysis approaches used in detecting ransomware behavior, and the way ransomware affects the business of an organization. It also examines Salam Ransomware behavior in an experimental lab simulation to understand the decryption mechanism used by this ransomware family and how to break the decryption algorithm used by Salam Ransomware.
