Videos
Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.
- Distribution Method : Mail attachment (.js)
- MD5 : 97f27561bb754a980092ee052da3802d
- Major Detection Name : Ransom/W32.Globeimposter.272384 (nProtect), Ransom_FAKEGLOBE.ENJ (Trend Micro)
- Encrypted File Pattern : ..txt
- Malicious File Creation Location :
- C:\Users\%UserName%\AppData\Local\Temp\pIURAAm2.exe
- C:\Users\Public\pIURAAm2.exe
- Payment Instruction File : Read_ME.html
- Major Characteristics :
- Offline Encryption
- Fake Globe / PSCrypt Ransomware series
- Disable system restore (vssadmin.exe Delete Shadows /All /Quiet)