BlackMatter Ransomware (.<9-Digit Random Extension> / <Encryption Extension>.README.txt) - 映像 - チェックマル

映像

様々なランサムウェアに対応するAppCheckの事前防御、自動復旧およびリアルタイムバックアップ機能を映像でご確認いただけます。

Distribution Method : Unknown

MD5 : 598c53bfef81e489375f09792e487f1a

Major Detection Name : Ransomware/Win.BlackMatter.C4575089 (AhnLab V3), Win32:BlackMatter-B [Ransom] (AVG)

Encrypted File Pattern : .<9-Digit Random Extension>

Payment Instruction File : <Encryption Extension>.README.txt

Major Characteristics :
- Offline Encryption
- Delete Volume Shadow Copy Service
- Includes the ability to run ransomware after booting in safe mode (bcdedit /set {current} safeboot network)
- Changes desktop background (C:\ProgramData\<Encryption Extension>.bmp)