- Distribution Method : Unknown
- MD5 : 4071a0e28a5f23406e00c8f7e93caea9
- Major Detection Name : Ransom:Win32/Genasom (Microsoft), Ransom_HAPPYDAYZZZ.A (Trend Micro)
- Encrypted File Pattern: [blackjockercrypter@gmail.com].<Random>.happydayzzz
- Payment Instruction File : How To Recover Encrypted Files.hta / How To Recover Encrypted Files.html
- Major Characteristics : AutoIt 기반 Ransomware, Globe Ransomware 결제 메시지 모방, C&C 서버 통신 ID값마다 다양한 암호화 알고리즘(3DES, AES-128, AES-192, AES-256, DES, RC2, RC4) 사용, 암호화 대상 폴더에 존재하는 dll, exe 등 파일 암호화
List