Videos
Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.
- Distribution Method : Unknown
- MD5 : feb7b1e0161df136c3d385bfd2d4b247
- Major Detection Name : Ransomware/Win.Nokoyawa.C5134208 (AhnLab V3), Ransom:Win64/Nokoyawa.A (Microsoft)
- Encrypted File Pattern : .NOKOYAWA
- Payment Instruction File : NOKOYAWA_readme.txt
- Major Characteristics :
- Offline Encryption
- Block processes execution (agntsvc.exe, dbsnmp.exe, isqlplussvc.exe, oracle.exe, sql.exe, synctime.exe etc.)
- Stop multi services (backup, DefWatch, GxVss, sophos, veeam, YooIT etc.)