- Distribution Method : Unknown
- MD5 : 6cdd7ca85e3828897d6e39b1ab93e6a2
- Major Detection Name : W32/Encoder.AG!tr (Fortinet), Trojan.Ransom.CryptAIT.D (GData)
- Encrypted File Pattern : <Original Filename>.<Original Extension>
- Malicious File Creation Location : C:\Users\%UserName%\ReadmeCrypto.txt
- Payment Instruction File : ReadmeCrypto.txt
- Major Characteristics :
  - Offline Encryption
  - Changes desktop background (C:\Users\%UserName%\pl.bmp)
  - Automatically shuts down Windows after file encryption is complete (shutdown /r /t 1)