Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : c0ee0dfff90ae5f2af2a81bca1128617
 
  • Major Detection Name : TR/AD.RansomHeur.bikjb (Avira), Python/Filecoder.IB (ESET)
 
  • Encrypted File Pattern : <Original Filename>.<Original Extension>-[u.contact@aol.com].encrypted
 
  • Malicious File Creation Location :
     - C:\Users\%UserName%\AppData\Local\Temp\chrome.txt
     - C:\Users\%UserName%\Desktop\@_ALL_YOUR_FILES_HAVE_BEEN_ENCRYPTED.txt
     - C:\Users\%UserName%\Desktop\@_HOW_TO_RESTORE_YOUR_FILES.txt
 
  • Payment Instruction File : @_HOW_TO_RESTORE_YOUR_FILES.txt
 
  • Major Characteristics :
     - Offline Encryption
     - Disable system restore (vssadmin Delete Shadows /All /Quiet)

List

위로