
  • Distribution Method : Mail attachment (.js)
 
  • MD5 : 568bcac1fa2d1a16bbfac44eb8cc1758
 
  • Major Detection Name : JS/TrojanDownloader.Nemucod.DKD (ESET), TrojanDownloader:JS/Nemucod (Microsoft)
 
  • Encrypted File Pattern : No Change
 
  • Malicious File Creation Location :
         - C:\Users\%UserName%\AppData\Local\Temp\1FTaZDFWbBJHKsaU96ki8ozQj27XHdmoMg.db
         - C:\Users\%UserName%\AppData\Local\Temp\1FTaZDFWbBJHKsaU96ki8ozQj27XHdmoMg.doc
         - C:\Users\%UserName%\AppData\Local\Temp\1FTaZDFWbBJHKsaU96ki8ozQj27XHdmoMg.exe
         - C:\Users\%UserName%\AppData\Local\Temp\1FTaZDFWbBJHKsaU96ki8ozQj27XHdmoMg.php
         - C:\Users\%UserName%\AppData\Local\Temp\php5.dll
 
  • Payment Instruction File : <Random>.hta
 
  • Major Characteristics :
         - Nemucod Ransomware series
         - PHP-based ransomware
