映像
様々なランサムウェアに対応するAppCheckの事前防御、自動復旧およびリアルタイムバックアップ機能を映像でご確認いただけます。
- Distribution Method : Automatic infection using exploit when accessing website, mail attachments (.js)
- MD5 : fefedcf8301a2f5a82493566fda32947
- Major Detection Name : W32/Zerber.DSUN!tr (Fortinet), Mal/FareitVB-M (Sophos)
- Encrypted File Pattern : <Random>.<4-Digit Random Extension>
- Malicious File Creation Location: : C:\Users\%UserName%\AppData\Roaming\Microsoft\Windows\Templates\<Random>.exe
- Payment Instruction File : _!!!_README_!!!_<Random>_.hta / _!!!_README_!!!_<Random>_.txt
- Major Characteristics : Offline Encryption, File encryption from Offset 0x700 for the encryption target file, User Folder created in C drive root / Document / Desktop / Other Partition / USB Drive File Encryption, Generate payment instructions in 13 languages.