VERY IMPORTANT

This report details the technical analysis conducted by Stormshield's Cyber Threat Intelligence team on the Crypt888 ransomware, a malware family also known as Strictor or Nymeria. It outlines the initial attack vectors, language and obfuscation techniques used, the chronology of the ransomware attack including UAC bypass, file encryption, and ransom note display. The report also provides a synthesis of the attack modeling using the MITRE ATT&CK framework, indicators of compromise (IOCs), and recommendations for protection against this threat.