Video

Watch the video to see AppCheck's proactive defense, automatic recovery, and real-time backup features in action against a range of ransomware.

  • Distribution Method : Unknown
 
  • MD5 : 0f743287c9911b4b1c726c7c7edcaf7d
 
  • Major Detection Name : Ransom-Anabelle!0F743287C991 (McAfee), Ransom_LEBANA.THBBBAH (Trend Micro)
 
  • Encrypted File Pattern : .ANNABELLE
 
  • Major Characteristics :
         - Offline Encryption
         - Stupid Ransomware series
         - After encryption completes, Windows reboots automatically (shutdown.exe -r -f -t 0) and displays a screen lock message
         - Blocks execution of system processes (cmd.exe, gpedit.msc, msconfig.exe, taskmgr.exe, etc.) by adding registry values related to Image File Execution Options
         - Disables System Restore (vssadmin delete shadows /all /quiet)
         - Turns off Windows Firewall (NetSh Advfirewall set allprofiles state off)
         - Turns off User Account Control (UAC)
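
The three command lines in the list above can be matched in process-creation logs. The following is an added detection example, not part of the original page or of AppCheck; the rule names, host names, and sample events are constructed, and it assumes the executable path contains no spaces.

```python
# Added example: flags hosts where two or more of the listed commands ran.
# Rule names, hosts and events are constructed for illustration.
RULES = {
    "forced_reboot": ("shutdown", {"/r", "/f"}),
    "shadow_copy_deletion": ("vssadmin", {"delete", "shadows"}),
    "firewall_disabled": ("netsh", {"advfirewall", "state", "off"}),
}

def normalize(cmdline):
    """Return (image name without path or .exe, argument set with '-x' as '/x')."""
    tokens = cmdline.replace('"', " ").lower().split()
    if not tokens:
        return "", set()
    image = tokens[0].rsplit("\\", 1)[-1]
    if image.endswith(".exe"):
        image = image[:-4]
    args = {"/" + t[1:] if t.startswith("-") else t for t in tokens[1:]}
    return image, args

def classify(cmdline):
    """Return the matching rule name, or None for a benign command line."""
    image, args = normalize(cmdline)
    for name, (rule_image, required) in RULES.items():
        if image == rule_image and required <= args:
            return name
    return None

def hosts_to_triage(events, threshold=2):
    """Map host -> sorted rule names for hosts with >= threshold distinct hits."""
    hits = {}
    for host, cmdline in events:
        name = classify(cmdline)
        if name:
            hits.setdefault(host, set()).add(name)
    return {h: sorted(n) for h, n in hits.items() if len(n) >= threshold}

SAMPLE_EVENTS = [  # constructed (host, command line) pairs
    ("WS-01", r"C:\Windows\System32\vssadmin.exe delete shadows /all /quiet"),
    ("WS-01", "NetSh Advfirewall set allprofiles state off"),
    ("WS-01", "shutdown.exe -r -f -t 0"),
    ("WS-02", "shutdown /r /t 60"),  # planned reboot without the force switch
    ("WS-02", "netsh advfirewall show allprofiles"),
    ("WS-03", "vssadmin list shadows"),
]

if __name__ == "__main__":
    for host, names in hosts_to_triage(SAMPLE_EVENTS).items():
        print(host, names)
```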
