Videos

Check out our video library showing AppCheck defending against the newest ransomware, with automatic recovery and real-time backup.

Paradise Ransomware (.<Original Extension>[id-<Random>].[sstorm984@gmail.com].gmail)

  • Distribution Method : Remote access through Remote Desktop Protocol (RDP) or Terminal Services
 
  • MD5 : 8f1c406882c39c80fa2154ffdf9d41d2
 
  • Encrypted File Pattern : .<Original Extension>[id-<Random>].[sstorm984@gmail.com].gmail / .<Original Extension>[<Random>][sstorm984@gmail.com].gmail
 
  • Payment Instruction File : $%%! NOTE ABOUT FILES -=!-.html
 
  • Major Characteristics :
     - Offline Encryption
     - Excludes folders named "Chrome, Firefox, Google, Opera, Windows" from encryption.
     - Deletes the Volume Shadow Copy Service (sc delete VSS)
