Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Mail attachment
 
  • MD5 : 64ecd43e1d8266aa6dcfc3699ad64b7d
 
  • Major Detection Name : Trojan-Ransom.Win32.Purgen.dn (Kaspersky), Ransom_FAKEGLOBE.Q (Trend Micro)
 
  • Encrypted File Pattern : .write_us_on_email
 
  • Payment Instruction File : how_to_back_files.html
 
  • Major Characteristics :
         - Offline Encryption
         - Fake Globe / PSCrypt Ransomware series
         - Disable system restore (vssadmin.exe Delete Shadows /All /Quiet)
         - Changes desktop background (C:\Users\%UserName%\AppData\Local\Temp\wall.jpg)

List

위로