映像
様々なランサムウェアに対応するAppCheckの事前防御、自動復旧およびリアルタイムバックアップ機能を映像でご確認いただけます。
- Distribution Method : Automatic infection using exploit by visiting website
- MD5 : 67014122a38c627ca88d2df063ecdca6
- Major Detection Name : Trojan/Win32.Gandcrab.C2400290 (AhnLab V3), Ransom.GandCrab (Norton)
- Encrypted File Pattern : .CRAB
- Payment Instruction File : CRAB-DECRYPT.txt
- Major Characteristics :
- Fileless-based Ransomware
- File encryption using "C:\Windows\explorer.exe" system file
- Block processes execution (msftesql.exe, oracle.exe, sqlagent.exe, sqlbrowser.exe, sqlservr.exe, sqlwriter.exe etc.)
- Automatically reboot Windows after file encryption is complete