Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : 339b5e9f5857ab9f482d8be23b4502e5
 
  • Major Detection Name : Trojan.Ransom.BTCWare (ALYac), Ransom:Win32/Betisrypt.A (Microsoft)
 
  • Encrypted File Pattern : .[sql772@aol.com].theva
 
  • Malicious File Creation Location :
         - C:\Users\%UserName%\AppData\Roaming\#_README_#.inf
         - C:\Users\%UserName%\AppData\Roaming\zmsksddfff.exe
         - C:\Users\%UserName%\Desktop\key.dat
 
  • Payment Instruction File : #_README_#.inf
 
  • Major Characteristics :
         - Offline Encryption
         - Crptxxx Ransomware series
         - Changes desktop background (C:\Users\%UserName%\AppData\Roaming\1.bmp)

List

위로