Nemucod ransomware was originally seen in January of 2016.
A few updates were made through 2016 to help avoid Anti-Virus and Spam detections including:
Adding XOR encryption to encrypt the first 2048 bytes of the file, adding a password to the zip files that were attached to the emails, generating a key at the time of running as opposed to a hard coded key in the executable, and finally adding a php script to help with the encryption.
Nemucod demands anywhere from 0.1 to 0.5 BitCoin (roughly $210 in 2016) to decrypt the victims files.
If you are interested in learning about other Ransomware families that we have published research reports on you can read more here