Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : 6a9f56a2f298e5acb6b2e84bb2864e08
 
  • Major Detection Name : Trojan.Ransom.BugWare (ALYac), MSIL/Filecoder.KD (ESET)
 
  • Encrypted File Pattern : .[SLAVIC@SECMAIL.PRO].BUGWARE
 
  • Malicious File Creation Location : C:\Users\%UserName%\AppData\Local\Temp\<Random>.exe
 
  • Major Characteristics :
         - Offline Encryption
         - Hidden-Tear Open Source based Ransomware
         - Use an invalid "GAS INFORMATICA LTDA" Digital Signatures
         - The Portuguese users targeted
         - Automatically reboot Windows after file encryption is complete
         - Changes desktop background (C:\Users\%UserName%\Desktop\bugware.bmp)

List

위로