Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : 4ae2e5156253fbeed2c6f13a066c98a1
 
  • Major Detection Name : DeepScan:Generic.Ransom.DCRTR.323BD6F8 (BitDefender), Ransom.SpartCrypt (Malwarebytes)
 
  • Encrypted File Pattern : .CoronaCrypt[u.contact@aol.com]-[ID-<Random>].Encrypted
 
  • Malicious File Creation Location :
     - C:\Users\%UserName%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\How_To_Restore_Your_Files.txt
     - C:\Users\%UserName%\AppData\Roaming\Temp (x86)
     - C:\Users\%UserName%\AppData\Roaming\Temp (x86)\Encrypted-Files.txt
     - C:\Users\%UserName%\AppData\Roaming\Temp (x86)\How_To_Restore_Your_Files.txt
     - C:\Users\%UserName%\AppData\Roaming\Temp (x86)\info.hta
     - C:\Users\%UserName%\AppData\Roaming\Temp (x86)\SINFO.txt
     - C:\Users\%UserName%\Desktop\How_To_Restore_Your_Files.txt
     - C:\Users\%UserName%\Desktop\info.hta
 
  • Payment Instruction File : How_To_Restore_Your_Files.txt / info.hta
 
  • Major Characteristics : Offline Encryption

List

위로