Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : cd1593cd04bce5825c62148d00cbe99a
 
  • Major Detection Name : Malware/Win32.Ransom_wcry.C2669647 (AhnLab V3), Ransom_WCRY.THHOFAH (Trend Micro)
 
  • Encrypted File Pattern : .wannacryv2
 
  • Malicious File Creation Location :
     - C:\Users\%UserName%\AppData\Local\Temp\Disk fixer.exe
     - C:\Users\%UserName%\AppData\Local\Temp\remover.bat
     - C:\Users\%UserName%\Desktop\wanna cry v2 decryptor.exe
 
  • Major Characteristics :
     - Offline Encryption
     - AutoIt scripts based Ransomware
     - Overwrites empty disk space to make impossible to restore files using the "Disk fixer.exe" file.

List

위로