Odveta - Ransomware
The ransomware appends ".odveta" to infected files and requires the victim to pay the ransom in two days or the ransom will double. If the victim waits for more than a week to pay the amount will triple. Users are required to email the threat actor with the ransomware ID located in the ransom note. Odveta uses RSA and AES-256 encryption and stops various services including MSSQL, MySQL, and MSDTC before encrypting files.