Thor ransomware is a encrypting successor of ill-famed Locky ransomware, a threat that already has many variants. However, it significantly differs from previous editions of the virus. First of all, it combines RSA and AES ciphers, which makes decryption of files way more difficult than before. Second, now it is capable of scattering over 400 file types. Altogether these factors make the malware a serious hazard to information safety.