Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

CyberSplitterVBS Ransomware(.Saher Blue Eagle)

AppCheck Anti-Ransomware 제품이 파일을 .Saher Blue Eagle 확장명으로 암호화하는 CyberSplitterVBS Ransomware (= CyberSplitter Ransomware, N-SpLiTTer Ransomware) 행위를 차단/제거 및 일부 훼손된 파일을 자동 복원하는 영상입니다.


  • Distribution Method : Unknown


  • MD5 : 6f6c476bd90b09b81a099cad8f89f5aa


  • Major Detection Name : Trojan-Ransom.Win32.Crypmodadv.xez (Kaspersky), Ransom_EDA2Runsome.G (Trend Micro)


  • Encrypted File Pattern : .Saher Blue Eagle


  • Malicious File Creation Location: : C:\Users\%UserName%\AppData\Local\Temp\(Random).exe


  • Major Characteristics : 오프라인 암호화(Offline Encryption), "This assembly is protected by an unregistered version of Eziriz's ".NET Reactor"!" 가짜 메시지 생성