Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

WPEncrypt Ransomware (.locked / <Original Filename>.<Original Extension>.readme.txt)

  • Distribution Method : Unknown
 
  • MD5 : e7430c45f8e5d247e58516dccd9d4446
 
  • Major Detection Name : Generic.Ransom.Bitpaymer.0284916B (BitDefender), Ransom:Win32/Bitpaymer (Microsoft)
 
  • Encrypted File Pattern : .locked
 
  • Malicious File Creation Location :
     - C:\Users\%UserName%\AppData\Local\<Random Foldername>
     - C:\Users\%UserName%\AppData\Local\<Random>\<Random>.exe
     - C:\Users\%UserName%\AppData\Local\<Random>:exe
 
  • Payment Instruction File : <Original Filename>.<Original Extension>.readme.txt
 
  • Major Characteristics :
     - Offline Encryption
     - Streamer Ransomware series
     - Creates executable ADS (Alternate Data Stream) file (%LocalAppData%\<Random>:exe) and file encryption.

List

위로