Everbe v2.0 Ransomware (.[eV3rbe@rape.lol].eV3rbe) - Videos - CheckMAL

Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Distribution Method : Unknown

MD5 : 488d6acbe700934c9c192767a5672bc0

Major Detection Name : a variant of Win64/Filecoder.P (ESET), Trojan.FileCryptor (Malwarebytes)

Encrypted File Pattern : .[eV3rbe@rape.lol].eV3rbe

Payment Instruction File : Readme if you want restore files.txt

Major Characteristics :
- Offline Encryption
- Embrace / PainLocker Ransomware series
- Block processes execution (MsDtsSrvr.exe, ntdbsmgr.exe, oracle.exe, sqlserv.exe, sqlservr.exe, sqlwriter.exe etc.)
- Disable system restore (vssadmin delete shadows /all /quiet)