  • Distribution Method : Unknown
 
  • MD5 : 7d1d08df8ab9090f2fd432bda50e4a14
 
  • Major Detection Name : Gen:Heur.Ransom.REntS.Gen.1 (BitDefender), W32/Rapid.E!tr.ransom (Fortinet)
 
  • Encrypted File Pattern : <Random Filename>.covid19
 
  • Malicious File Creation Location :
     - C:\Users\%UserName%\AppData\Roaming\!DECRYPT_FILES.txt
     - C:\Users\%UserName%\AppData\Roaming\noputana.exe
 
  • Payment Instruction File : !DECRYPT_FILES.txt
 
  • Major Characteristics :
     - Offline Encryption
     - Disables and blocks Command Prompt (cmd.exe) and Task Manager (Taskmgr.exe)
     - Blocks process execution (agntsvc.exeagntsvc.exe, dbsnmp.exe, msftesql.exe, oracle.exe, sqlagent.exe, synctime.exe, etc.)
