RozaLocker Ransomware(.enc) - Videos - CheckMAL

Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

Distribution Method : Unknown

MD5 : 8ea7224f71b5d248e9ec1b9cc56b33d4

Major Detection Name : Win32/Filecoder.RozaLocker.A (ESET), Ransom:Win32/FileCryptor (Microsoft)

암호화된 파일 유형 : .enc

Malicious File Creation Location: : C:\Windows\svchost.exe

Payment Instruction File : ReadMe.txt

Major Characteristics : 오프라인 암호화(Offline Encryption), 러시아어(Russian) 사용자 표적, 작업 관리자(Taskmgr.exe / DisableTaskMgr) 실행 차단, 바탕 화면 배경(C:\Windows\black.bmp) 변경