- Distribution Method : Log4j exploit (CVE-2021-44228)
- MD5 : 6ac57a1e090e7abdb9b7212e058c43c6
- Major Detection Name : MSIL.Trojan-Ransom.Khonsari.A (GData), Ransom:MSIL/Coffeext.A (Microsoft)
- Encrypted File Pattern : .khonsari
- Malicious File Creation Location : C:\Users\%UserName%\Desktop\HOW TO GET YOUR FILES BACK.TXT
- Payment Instruction File : HOW TO GET YOUR FILES BACK.TXT