It appears this new ransomware, rather than exploiting through e-mail attachments, is exploiting users by redirecting them to infected websites.
It then delivers its payload through an installer. This makes the case we are always trumpeting at Alvaka, your users should not be running with local or network administrator rights. If they are restricted to the lowest level of privilege they need to do their work, these installers won’t work and you mitigate your risk of ransomware.