Videos
Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.
- Distribution Method : Mail attachment (.docx)
- MD5 : 274070b2e5342cb8b28e7807a0c8bbaf
- Major Detection Name : Ransom-Bugware!274070B2E534 (McAfee), Ransom:Win32/Genasom (Microsoft)
- Encrypted File Pattern : .[MAXVISION@SECMAIL.PRO].CRIPTOGRAFADO
- Malicious File Creation Location : C:\Users\%UserName%\AppData\Local\<Random>-<Random>-<Random>-<Random>-<Random>.scr
- Major Characteristics :
- Offline Encryption
- Hidden-Tear Open Source based Ransomware
- Use an invalid "Microsoft Corporation" Digital Signatures
- Automatically reboot Windows after file encryption is complete (shutdown.exe -r -t 5)
- Changes desktop background (C:\Users\%UserName%\AppData\Local\Temp\bw.bmp)