Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : 35dd867a30dfb315d29013bf024fca82
 
  • Major Detection Name : Ransom:Win32/NumberDot.A (Microsoft), Ransom_KRIDER.B (Trend Micro)
 
  • Encrypted File Pattern : <Random Filename>.NumberDot
 
  • Malicious File Creation Location :
         - C:\Users\%UserName%\AppData\Roaming\QKYS\KRider.exe
         - C:\Users\%UserName%\AppData\Roaming\QKYS\StatLevel.exe
         - C:\Users\%UserName%\Desktop\YOUR_CODE_IS_<Number>.<Number>
 
  • Major Characteristics :- Offline Encryption, Krider Ransomware series, Blocks execution of Task Manager (Taskmgr.exe / DisableTaskMgr)

List

위로