Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Hermes Ransomware (<Original Filename>.<Original Extension>)

  • Distribution Method : Unknown

 

  • MD5 : 61075faba222f97d3367866793f0907b

 

  • Major Detection Name : Trojan.Ransom.Hermes (ALYac), Trojan-Ransom.Win32.Gen.cqo (Kaspersky)

 

  • Encrypted File Pattern : <Original Filename>.<Original Extension>

 

  • Malicious File Creation Location :

    - C:\Eleven
    - C:\Eleven\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk
    - C:\users\Public\Reload.exe
    - C:\users\Public\shade.bat
    - C:\Users\Public\shade.vbs
    - C:\Users\Public\system_.bat

 

  • Payment Instruction File : DECRYPT_INFORMATION.html

 

  • Major Characteristics :
     - Offline Encryption
     - Delete backup files (Backup*.* / *.bac / *.bak / *.bkf / *.dsk / *.set / *.VHD / *.wbcat / *.win)

List

위로