- Distribution Method : Unknown
- MD5 : 5cbbb79d792594b626fe5390aeea3949
- Major Detection Name : Trojan.Ransom.Jigsaw (ALYac), Ransom:Win32/Genasom (Microsoft)
- Encrypted File Pattern : .To unlock your files send 0.15 Bitcoins to 1P67AghL2mNLbgxLM19oJYXgsJxyLfcYiz within 24 hours 0.20 after 24 hours
- Malicious File Creation Location :
- C:\Users\%UserName%\AppData\Roaming\Pidgcs\pidgcs.exe
- C:\Users\%UserName%\AppData\Roaming\System32Work\Address.txt
- C:\Users\%UserName%\AppData\Roaming\System32Work\dr
- C:\Users\%UserName%\AppData\Roaming\System32Work\EncryptedFileList.txt
- Major Characteristics : Offline Encryption, Jigsaw Ransomware, set hidden attribute to files after encryption. Targets English / Spanish Users.
List