Virus total:0 / 56 :o
Youtube:https://youtu.be/93RqY9sziqo
Confirmed here and here: https://www.hybrid-analysis.com/feed?raw
and here: https://malwaretips.com/threads/cryptolocker-ransomware-demonstration-of-attack.69727/
Also see: https://www.reverse.it/recent-submissions?filter=file&page=4&lang=zh
or rather: https://www.reverse.it/sample/b05c9fb690bf745884cf9d6154c56fce30bc98540ac546ae28f9f557d4f88b61?environmentId=100
The analysis extracted a known ransomware file, hidden inside a pdf.file.
pol
Downloaded file is detected as VBA:Downloader-ESI[Trj] by avast,so we are good 
The downloader that be secure posted is not detected but we should be protected since the downloaded file is caught.
This is a downloader that tricks the user into downloading from their site.Looks like malware writers weren’t getting people to download it from their site so they made this downloader.I had reported this URL yesterday night to avast at 9:28 IST
We are protected avast now detects the downloaded file.
Thanks for the info.@TrueIndian
Here is the URL of the downloaded file.This was already reported yesterday and detected with today’s VPS:
https://www.virustotal.com/en/url/75efa482d1c4b701afbc46a49924eb0f7a255aa887e04bfecf81dcbe8f62f348/analysis/1489897627/
Just because VT doesn’t detect it, that doesn’t mean it’s not detected. VT doesn’t use half of the cloud capabilities and it also doesn’t use Behavior Shield at all.
Yes that is exactly why Virustotal Is unreliable as a source of detection