Videos
Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.
- Distribution Method : Unknown
- MD5 : 2c0554d57c1d37c1a3cef4565d1faee5
- Major Detection Name : Ransom:MSIL/Vashicrypt.A (Microsoft), Ransom_HIDDENTEARDIAMOND.B (Trend Micro)
- Encrypted File Pattern : .<6 Digit Random Extension>
- Malicious File Creation Location :
- C:\Users\%UserName%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winmgr322.vbe
- C:\Users\%UserName%\AppData\Roaming\winmgr322.exe\winmgr322.exe
- Payment Instrucition File : _READ_IT_FOR_RECOVER_FILES.html
- Major Characteristics : Offline Encryption