Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Mole Ransomware (<Random Filename>.MOLE03)

  • Distribution Method : Attamps to redirect to malicious website using exploit. This website contains malicious file disguising Chrome font file.
  • MD5 : 041309e9b0887263c89f5ff23947cf3b
  • Major Detection Name : Ransom:Win32/Genasom (Microsoft), Ransom_MOLE.A (Trend Micro)
  • Encrypted File Pattern : <Random Filename>.MOLE03
  • Malicious File Creation Location : C:\ProgramData\<Random>.exe
  • Payment Instruction File : _HELP_INSTRUCTION.TXT
  • Major Characteristics :
         - Offline Encryption
         - CryptFile2 / CryptoMix / CryptoShield / Revenge / Zeta Ransomware series
         - Create a fake "Display Color Calibration" message
         - Turn off Windows Security Center service