Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : 8d4df11dd86bd6ed50767765d55e7bb9
 
  • Encrypted File Pattern : .bmp
 
  • Malicious File Creation Location :
     - C:\Users\%UserName%\AppData\Local\Temp\<Random>.exe
     - C:\Users\%UserName%\AppData\Local\Temp\memeFile.bmp
 
  • Payment Instruction File : READMEPLEASE.TXT
 
  • Major Characteristics :
     - Offline Encryption
     - Disable and Blocks Task Manager (DisableTaskMgr)
     - Disable system restore (wmic SHADOWCOPY DELETE, wbadmin DELETE SYSTEMSTATEBACKUP, bcdedit.exe /set default bootstatuspolicy ignoreallfailures, bcdedit.exe /set default recoveryenabled No)

List

위로