映像
様々なランサムウェアに対応するAppCheckの事前防御、自動復旧およびリアルタイムバックアップ機能を映像でご確認いただけます。
- Distribution Method : Attamps to redirect to malicious website using exploit. This website contains malicious file disguising Chrome font file.
- MD5 : 041309e9b0887263c89f5ff23947cf3b
- Major Detection Name : Ransom:Win32/Genasom (Microsoft), Ransom_MOLE.A (Trend Micro)
- Encrypted File Pattern : <Random Filename>.MOLE03
- Malicious File Creation Location : C:\ProgramData\<Random>.exe
- Payment Instruction File : _HELP_INSTRUCTION.TXT
- Major Characteristics :
- Offline Encryption
- CryptFile2 / CryptoMix / CryptoShield / Revenge / Zeta Ransomware series
- Create a fake "Display Color Calibration" message
- Turn off Windows Security Center service