Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : 748de52961d2f182d47e88d736f6c835
 
  • Major Detection Name : Ransom:Win32/BlackSuit.B (Microsoft), Ransom.Blacksuit (Norton)
 
  • Encrypted File Pattern : .BlackSuit
 
  • Message File : README.BlackSuit.txt
 
  • Major Characteristics :
     - Offline Encryption
     - Royal / Zeon Ransomware series
     - Disable system restore ("C:\Windows\Sysnative\vssadmin.exe" Delete Shadows /All /Quiet)
     - Disable Safe Mode Boot Settings (C:\Windows\Sysnative\bcdedit.exe /deletevalue {current} safeboot)

List

위로