Ransomware Developers Turn to Intermittent Encryption to Evade Detection
In contrast to full encryption, intermittent encryption helps to evade analysis by exhibiting a significantly lower intensity of file IO operations and much higher similarity between non-encrypted and encrypted versions of a given file.