- Distribution Method : Email attachment
- MD5 : c30d9b4ef71496b48ae342b1f96eb0ee
- Encrypted File Pattern : .PLUTO_<7-Digit Random>
- Payment Instruction File : PLUTO_<7-Digit Random>-DECRYPT.txt
- Major Characteristics :
  - Offline encryption
  - Nefilim / Nemty ransomware series
  - Checks IP address (api.db-ip.com)
  - Disables system restore (vSSAdmiN dELeTe ShaDowS /AlL /qUieT)
  - Changes desktop background (C:\Users\%UserName%\AppData\Local\Temp\god.jpg)