- Distribution Method : Unknown
- MD5 : 6d0fefdd39ad1c289e15eac8cb2d9394
- Major Detection Name : Ransom:Win32/Genasom (Microsoft), RANSOM_WCRY.TIAOBFN (Trend Micro)
- Encrypted File Pattern : .bitcoin
- Malicious File Creation Location : C:\Users\%UserName%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bitcoin2018.txt
- Payment Instruction File : bitcoin2018.txt
- Major Characteristics : Offline Encryption
List