- Distribution Method : Remote access through Remote Desktop Protocol (RDP) or Terminal Services
- MD5 : 3572986d1678e57f8dab72879eb3e20c
- Major Detection Name : Trojan.Ransom.CryptoMix (ALYac), Ransom.Win32.CRYPTOMIX.THDAOAI (Trend Micro)
- Encrypted File Pattern : <Random Filename>.DLL
- Malicious File Creation Location :
  - C:\ProgramData\<Random>.DLL
  - C:\ProgramData\<Random>.exe
  - C:\Users\%UserName%\Desktop\_HELP_INSTRUCTION.TXT
- Payment Instruction File : _HELP_INSTRUCTION.TXT
- Major Characteristics :
  - Offline Encryption
  - CryptFile2 / CryptoShield / HydraCrypt / Mole / Revenge / Zeta Ransomware series