Snake Ransomware (.<Original Extension><5-Digit English Random> / Decrypt-Your-Files.txt / Version FRESENIUS) - Videos - CheckMAL

Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Distribution Method : Unknown

MD5 : 47ebe9f8f5f73f07d456ec12bb49c75d

Major Detection Name : Trojan/Win32.SnakeRansom.R335473 (AhnLab V3), Trojan-Ransom.Win32.Snake.a (Kaspersky)

Encrypted File Pattern : <Original Filename>.<Original Extension> → .<Original Extension><5-Digit English Random>

Payment Instruction File : Decrypt-Your-Files.txt

Major Characteristics :
- Offline Encryption
- Block processes execution (MpUXSrv.exe, MSASCui.exe, MsMpEng.exe, NisSrv.exe, rpctool.exe, vmtoolsd.exe etc.)