Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : cea1cb418a313bdc8e67dbd6b9ea05ad
 
  • Major Detection Name : Generic.Ransom.GoodWill.A.E7C86E5C (BitDefender), Ransom.MSIL.GOODWILL.THCBAB (Trend Micro)
 
  • Encrypted File Pattern : .gdwill
 
  • Malicious File Creation Location :
     - C:\Users\Public\Windows
     - C:\Users\Public\Windows\Ui
     - C:\Users\Public\Windows\Ui\alertmsg.zip
     - C:\Users\%UserName%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\unlock your files.lnk
     - C:\Users\%UserName%\Desktop\unlock your files.lnk
     - <Network Drive Letter>:\unlock your files.lnk
 
  • Payment Instruction File : index.html
 
  • Major Characteristics : Encrypt files with specific file extensions (.pdf, .txt) only.

List

위로