GEHENNA LOCKER Ransomware (<Original Filename>.<Original Extension> → <Base64>.gehenna) - 映像 - チェックマル

映像

様々なランサムウェアに対応するAppCheckの事前防御、自動復旧およびリアルタイムバックアップ機能を映像でご確認いただけます。

Distribution Method : Unknown

MD5 : 5d07dd594a3fa3a1f6a86da2beb68cb3

Major Detection Name : Generic.Ransom.Snatch.9242E87A (BitDefender), Ransom.MauriGo (Malwarebytes)

Encrypted File Pattern : <Original Filename>.<Original Extension> → <Base64>.gehenna

Malicious File Creation Location : C:\Users\%UserName%\Desktop\GEHENNA-KEY-README.txt

Payment Instruction File : GEHENNA-README-WARNING.html

Major Characteristics :
- Offline Encryption
- Disable system restore (vssadmin delete shadows /All /Quiet, bcdedit /set { default } bootstatuspolicy ignoreallfailures, wbadmin delete catalog - quiet)