Videos

Check out our video libray AppCheck defending aginst newest ransomware

Viro Ransomware (.locked)

  • Distribution Method : Unknown
 
  • MD5 : 2fecd4f0c54821bf55af7a71a03340b4
 
  • Major Detection Name : Ransom:Win32/Genasom (Microsoft), Ransom.HiddenTear!g1 (Norton)
 
  • Encrypted File Pattern : .locked
 
  • Malicious File Creation Location :
         - C:\Temp\Keys
         - C:\Temp\Keys\keys<Random>.txt
 
  • Major Characteristics :
         - Offline Encryption
         - Hidden-Tear Open Source based Ransomware
         - Acquire Web browser site visit history and keylogging send to gmail account (drive.update.chromium@gmail.com)
         - Changes desktop background (%Temp%\didierjesus.jpg)

Go to List

Please upgrade your web browser for better website experience.

위로