Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Rapid Ransomware (.Nano)

  • Distribution Method : Unknown
 
  • MD5 : db35f2cbc8fd4411e78ea6c6a8b50aa3
 
  • Major Detection Name : Gen:Variant.Ransom.Rapid.49 (BitDefender), Ransom.Rapid.Generic (Malwarebytes)
 
  • Encrypted File Pattern : .Nano
 
  • Payment Instrucition File : #RECOVERY_FILES#.txt
 
  • Major Characteristics :
     - Offline Encryption
     - File encryption using "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe"
     - Block processes execution (isqlplussvc.exe, msaccess.exe, msftesql.exe, mysqld-nt.exe, mysqld-opt.exe, mysqld.exe etc.)
     - Disable system restore (wbadmin DELETE SYSTEMSTATEBACKUP, wmic SHADOWCOPY DELETE, vssadmin Delete Shadows /All /Quiet, bcdedit /set {default} recoveryenabled No, bcdedit /set {default} bootstatuspolicy ignoreallfailures)

List

위로