Videos
Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.
- Distribution Method : Log4j exploit (CVE-2021-44228)
- MD5 : 0a34b668102bc070e8cb1d1fc1b0b462
- Major Detection Name : Gen:Variant.Ransom.Hive.6 (BitDefender), Ransom.Tellyouthepass (Norton)
- Encrypted File Pattern : .locked
- Malicious File Creation Location :
- C:\ProgramData\encfile.txt
- C:\ProgramData\public.txt
- C:\ProgramData\showkey.txt
- Payment Instruction File : README.html
- Major Characteristics :
- Offline Encryption
- Block processes execution (dbsnmp.exe, msftesql.exe, oracle.exe, sqlagent.exe, tnslsnr.exe, wordpad.exe etc.)
- Delete WM task scheduler value