Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Amnesia Ransomware (.amnesia)

  • Distribution Method : Remote access through Remote Desktop Protocol(RDP) or Terminal Services
  • MD5 : 98c0c4e58a97cf92f9c6992ee65e3f0f
  • Major Detection Name : (Kaspersky), Ransom_AMNESIA.A (Trend Micro)
  • Encrypted File Pattern : .amnesia
  • Malicious File Creation Location : C:\Users\%UserName%\AppData\Roaming\guide.exe
  • Payment Instruction File : HOW TO RECOVER ENCRYPTED FILES.TXT
  • Major Characteristics :
         - Offline Encryption
         - Ransomware based Delphi