- Distribution Method : Unknown
- MD5 : 696452bdc9b90e64b76b69ef02ad5afb
- Major Detection Name : Ransom:Win32/Genasom (Microsoft), Ransom_VIKI.A (Trend Micro)
- Encrypted File Pattern : .viki
- Payment Instruction File : readme.txt
- Major Characteristics :
- Offline Encryption
- The English and Russian users targeted
- Disable system restore (vssadmin Delete Shadows /All /Quiet)
- Changes desktop background (C:\Users\%UserName%\Desktop\wallpaper.jpg)
List