- Distribution Method : Unknown
- MD5 : b00a80f645dfeea15c54c9f1be228705
- Major Detection Name : Ransomware/PS.Netwalker (AhnLab V3), Ransom:PowerShell/NetWalker.SL!MTB (Microsoft)
- Encrypted File Pattern : .<6-Digit Random Extension>
- Malicious File Creation Location : C:\Users\%UserName%\Desktop\<Encryption Extension>-Readme.txt
- Payment Instruction File : <Encryption Extension>-Readme.txt
- Major Characteristics :
  - Offline encryption
  - File encryption using the system file "C:\Windows\explorer.exe"
  - Blocks process execution (agntsvc.exe, excel.exe, mspub.exe, outlook.exe, store.exe, visio.exe, etc.)