Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

JSWorm v4.0.1 Ransomware (.[ID-<Random>][RansomwareRecoveryExperts@tutanota.c].JSWORM)

  • Distribution Method : Unknown
 
  • MD5 : 06cad770e2077a5b7f50c3280d2667c8
 
  • Major Detection Name : Gen:Heur.Ransom.Imps.1 (BitDefender), Ransom.JSWorm (Malwarebytes)
 
  • Encrypted File Pattern : .[ID-<Random>][RansomwareRecoveryExperts@tutanota.c].JSWORM
 
  • Malicious File Creation Location :
     - C:\ProgramData\JSWORM-DECRYPT.txt
     - C:\ProgramData\key.<Random>.JSWORM
     - C:\ProgramData\user_data.<Random>.JSWORM
 
  • Payment Instruction File : JSWORM-DECRYPT.txt
 
  • Major Characteristics :
     - Offline Encryption
     - Disable system restore (vssadmin.exe delete shadows /all /quiet)

List

위로