Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Turkish Ransomware (.TRSomware)

  • Distribution Method : Unknown
 
  • MD5 : c1758dacfb814410cbe926b2028a6d13
 
  • Major Detection Name : Gen:Heur.Ransom.HiddenTears.1 (BitDefender), Ransom.HiddenTear!g1 (Norton)
 
  • Encrypted File Pattern : .TRSomware
 
  • Malicious File Creation Location : C:\Users\%UserName%\Desktop\@TMTeam@.png
 
  • Payment Instruction File : @TMTeam@.png / @Lütfen Beni Oku!@.txt
 
  • Major Characteristics :
     - Offline Encryption
     - The Turkish users targeted
     - Changes desktop background (C:\Users\%UserName%\AppData\Local\Temp\wallpaper.bmp)

List

위로