Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Mail attachment (.docx)
 
  • MD5 : 274070b2e5342cb8b28e7807a0c8bbaf
 
  • Major Detection Name : Ransom-Bugware!274070B2E534 (McAfee), Ransom:Win32/Genasom (Microsoft)
 
  • Encrypted File Pattern : .[MAXVISION@SECMAIL.PRO].CRIPTOGRAFADO
 
  • Malicious File Creation Location : C:\Users\%UserName%\AppData\Local\<Random>-<Random>-<Random>-<Random>-<Random>.scr
 
  • Major Characteristics :
     - Offline Encryption
     - Hidden-Tear Open Source based Ransomware
     - Use an invalid "Microsoft Corporation" Digital Signatures
     - Automatically reboot Windows after file encryption is complete (shutdown.exe -r -t 5)
     - Changes desktop background (C:\Users\%UserName%\AppData\Local\Temp\bw.bmp)

List

위로