Videos
Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.
- Distribution Method : Unknown
- MD5 : d0e87fd356979aff2a420957ec070d54
- Major Detection Name : Win32.Trojan-Ransom.Zeoticus.A (GData), Ransom.Win32.ZEOTICUS.C (Trend Micro)
- Encrypted File Pattern : .<Number>.outsourse@tutanota.com.2020END
- Malicious File Creation Location :
- C:\Windows\<Random>.exe
- <Drive Letter>:\<Random>.zeoticus2
- Payment Instruction File : README.html
- Major Characteristics :
- Offline Encryption
- Major Ransomware series
- EFI System Partition (G:) and Recovery Partition (F:) drives are activate.
- Block processes execution (agntsvc.exe, msftesql.exe, oracle.exe, sqlagent.exe, sqlbrowser.exe, xfssvccon.exe etc)
- Changes desktop background (C:\Users\%UserName%\AppData\Local\Temp\<Number>.jpg)