- Distribution Method : JBoss Exploit, Remote access through Remote Desktop Protocol (RDP) or Terminal Services
- MD5 : 4c8fb28a68168430fd447ba1b92f4f42
- Major Detection Name : Trojan-Ransom.MSIL.Samas.f (Kaspersky), Ransom:MSIL/Samas.A (Microsoft)
- Encrypted File Pattern : .encryptedRSA
- Payment Instruction File : HELP_DECRYPT_YOUR_FILES.txt
- Major Characteristics :
  - Offline Encryption
  - Terminates specific processes
  - Disables system restore (vssadmin delete shadows /all /quiet)
  - Creates del.exe and selfdel.exe files for self-removal