- Distribution Method : Unknown
- MD5 : 944f0e84478ec77412b0aea13dfd0fa3
- Major Detection Name : Generic.Ransom.LockCrypt.3.E46B7FBD (BitDefender), Ransom.Win32.UPPER.A (Trend Micro)
- Encrypted File Pattern : .UPPER
- Payment Instruction File : infoUPPER.txt
- Major Characteristics :
  - Offline encryption
  - Part of the Embrace / Everbe / Evil Locker / PainLocker ransomware series
  - Blocks execution of processes (fdlauncher.exe, firefoxconfig.exe, mysqld-nt.exe, ocautoupds.exe, postgres.exe, sqlwriter.exe etc.)
  - Stops multiple services (MSSQL, MSSQLFDLauncher, MSSQLSERVER, SQLAgent, SQLSERVERAGENT, SQLWriter etc.)
  - Disables system restore (vssadmin delete shadows /all /quiet)