Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Amnesia Ransomware (.amnesia)

  • Distribution Method : Remote access through Remote Desktop Protocol(RDP) or Terminal Services
 
  • MD5 : 98c0c4e58a97cf92f9c6992ee65e3f0f
 
  • Major Detection Name : Trojan-Ransom.Win32.Purga.an (Kaspersky), Ransom_AMNESIA.A (Trend Micro)
 
  • Encrypted File Pattern : .amnesia
 
  • Malicious File Creation Location : C:\Users\%UserName%\AppData\Roaming\guide.exe
 
  • Payment Instruction File : HOW TO RECOVER ENCRYPTED FILES.TXT
 
  • Major Characteristics :
         - Offline Encryption
         - Ransomware based Delphi 

List

위로