Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Mail Attachment (.docm)

 

  • MD5 : 9c7a41fbe431a41bfdf933436c846858

 

  • Major Detection Name : Trojan.Ransom.Marlboro (ALYac), Ransom:Win32/FileCryptor (Microsoft)

 

  • Encrypted File Pattern : .oops

 

  • Malicious File Creation Location :

     - C:\Users\%UserName%\IpOverUsbSvc.exe
     - C:\Users\%UserName%\Desktop\DecryptFiles.exe
     - C:\Users\%UserName%\Documents\aegnmiae.EXE
     - C:\Users\%UserName%\Documents\DecryptFiles.exe

 

  • Payment Instruction File : _HELP_Recover_Files_.html

 

  • Major Characteristics :
     - Offline Encryption
     - XOR-based encryption algorithm

List

위로