Videos
Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.
- Distribution Method : Unknown
- MD5 : 4540175bcec2b3d8c064d46bdc2cd44f
- Major Detection Name : Trojan.Ransom.CryptoJoker.A (BitDefender), Ransom/W32.CryptoNar.658944 (TACHYON)
- Encrypted File Pattern : .fully.cryptoNar / .partially.cryptoNar
- Malicious File Creation Location : C:\Users\%UserName%\Desktop\CryptoNarDecryptor.exe
- Payment Instruction File : CRYPTONAR RECOVERY INFORMATION.txt
- Major Characteristics :
- Offline Encryption
- CryptoJoker Ransomware series
- Encrypts ".md, .txt" files and renames file with extension ".fully.cryptoNar", while all other extension files are encrypted with extension ".partially.cryptoNar", where partial 1,024 bytes of files are encrypted.