AnteFrigus is only provided by the RIG exploit kit via redirects from the Hookads malicious ad campaign. Once installed, AnteFrigus attempts to encrypt files on drives D, E, F, G, H, and I and avoids encrypting files whose extension matches a hard-coded exclusion list. The ransomware demands ,995 for the decryption key and raises the ransom to ,990 if it is not paid within four days.