Create a staging directory and generate a cryto key there. Discover the directories inside a user's home folder then safely encrypt all files inside the directories using the generated key. Compress the staging directory to prepare the crypto key for exfiltration and open a ransom note on the system.

Execute this chain

Download Operator (1.7.1)
Learn about Operator


List directories in current users home folder
Create a staging directory
Create a crypto key
Archive exfiltration directory
Recursively encrypt a directory
Remove ransomed files from disk
Leave encrypted data recovery note


wizard spider, kaseya vsa attack, ransomware