Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Cring Ransomware (.cring / deReadMe!!!.txt)

  • Distribution Method : Unknown
 
  • MD5 : c5d712f82d5d37bb284acd4468ab3533
 
  • Major Detection Name : Ransomware/Win.Cring.R415226 (AhnLab V3), Gen:Variant.Ransom.Cring.2 (BitDefender)
 
  • Encrypted File Pattern : .cring
 
  • Payment Instruction File : deReadMe!!!.txt
 
  • Major Characteristics :
     - Offline Encryption
     - Block processes execution (mspub.exe, mydesktopqos.exe)
     - Stop multi services (BMR Boot Service, NetBackup BMR MTFTP Service, mydesktopservice.exe)
     - Disable multi services (sc config SQLTELEMETRY start= disabled, sc config SQLTELEMETRY$ECWDB2 start= disabled, sc config SQLTELEMETRY$ECWDB2 start= disabled, sc config SstpSvc start= disabled)
     - Delete backup files (*.bac, *.bak, *.bkf, *.dsk, *.set, *.VHD, *.wbcat, *.win, Backup*.*, backup*.*)

List

위로