- Distribution Method : Unknown
- MD5 : 3520dec68c0a8b28e7cf7b49e90a706e
- Major Detection Name : Trojan.Ransomware.GenericKDS.31800997 (BitDefender), Ransom.Win32.GOLDENAXE.THCAHAI (Trend Micro)
- Encrypted File Pattern : .<5-Digit Random Extension>
- Malicious File Creation Location : C:\ProgramData\session.json
- Payment Instruction File : # instructions-<Encryption Extension> #.jpg / # instructions-<Encryption Extension> #.txt / # instructions-<Encryption Extension> #.vbs
- Major Characteristics :
  - Offline encryption
  - Uses a "Python Software Foundation" digital signature
  - Blocks process execution (anti*, backup*, malware*, sql*)
  - Disables system restore (vssadmin delete shadows /all /quiet)
  - Encryption guide using the Text-to-Speech (TTS) function