- Distribution Method : Remote access through Remote Desktop Protocol(RDP) or Terminal Services
- MD5 : b9c366f867432026a09c798d4813fe34
- Major Detection Name : Behavior_Ransom/Win32.Filecoder.C4386244 (AhnLab V3), Trojan.Win32.Ransom.1583104[UPX] (ViRobot)
- Encrypted File Pattern : .file
- Payment Instruction File : !README!.txt
- Major Characteristics :
- Offline Encryption
- Cobain Ransomware series
List