Picture is from the hidden service.
>What /g/ think about it ?
It's just another ransomware that happens to be written using Node.js.
Apparently it has to be opened as mail attachment, like most ransomware thingies, but NWJS makes it pretty much huge.
Applications based on Electron or NWJS are usually at least 70MB big.
>The most interesting part by far in that package is the “chrome.exe”. Upon first inspection, “chrome.exe” looks suspiciously like a copy of the actual Chrome browser. Only the lack of a proper digital signature and version information hints that this file is not the actual Chrome browser. Upon further inspection, it turned out that this file is a packaged NW.js application.
Will it still work if I use Firefox as default browser?