Videos
Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.
- Distribution Method : Attamps to redirect to malicious website using exploit. This website contains malicious file disguising Chrome font file.
- MD5 : 041309e9b0887263c89f5ff23947cf3b
- Major Detection Name : Ransom:Win32/Genasom (Microsoft), Ransom_MOLE.A (Trend Micro)
- Encrypted File Pattern : <Random Filename>.MOLE03
- Malicious File Creation Location : C:\ProgramData\<Random>.exe
- Payment Instruction File : _HELP_INSTRUCTION.TXT
- Major Characteristics :
- Offline Encryption
- CryptFile2 / CryptoMix / CryptoShield / Revenge / Zeta Ransomware series
- Create a fake "Display Color Calibration" message
- Turn off Windows Security Center service