Golden Axe Ransomware (.<5-Digit Random Extension>)

  • Distribution Method : Unknown
 
  • MD5 : 3520dec68c0a8b28e7cf7b49e90a706e
 
  • Major Detection Name : Trojan.Ransomware.GenericKDS.31800997 (BitDefender), Ransom.Win32.GOLDENAXE.THCAHAI (Trend Micro)
 
  • Encrypted File Pattern : .<5-Digit Random Extension>
 
  • Malicious File Creation Location : C:\ProgramData\session.json
 
  • Payment Instruction File : # instructions-<Encryption Extension> #.jpg / # instructions-<Encryption Extension> #.txt / # instructions-<Encryption Extension> #.vbs
 
  • Major Characteristics :
     - Offline Encryption
     - Uses a "Python Software Foundation" digital signature
     - Blocks process execution (anti*, backup*, malware*, sql*)
     - Disables system restore (vssadmin delete shadows /all /quiet)
     - Delivers the encryption guide using the Text-to-Speech (TTS) function
