Snatch Ransomware (.xbvpnvee) - Videos - CheckMAL

Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Distribution Method : Unknown

MD5 : b2207ef0b17908b7821ab321523d0c87

Major Detection Name : A variant of Win64/Filecoder.BL (ESET), W64/Kryptik.BQT!tr.ransom (Fortinet)

Encrypted File Pattern : .xbvpnvee

Malicious File Creation Location : C:\Users\%UserName%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HOW TO RESTORE YOUR FILES.TXT

Payment Instruction File : HOW TO RESTORE YOUR FILES.TXT

Major Characteristics :
- Offline Encryption
- Disable system restore (vssadmin delete shadows /all /quiet)