Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : c85baa1d75f5d96d5a8ea6c19f8850d7
 
  • Major Detection Name : Trojan.Ransom.AdamLocker.A (BitDefender), Ransom_ADAMLOCKER.THAOBFH (Trend Micro)
 
  • Encrypted File Pattern : .adam
 
  • Malicious File Creation Location :
         - C:\ProgramData\adm_64.exe
         - C:\run.exe
         - \\host_adm.exe
 
  • Major Characteristics :
         - Offline Encryption
         - Developed by a Korean
         - Disable and Blocks Windows Run Command in Start menu (NoRun), Task Manager (DisableTaskMgr) and Folder Options (NoFolderOptions).
         - Associate .adam file to run AdamLocker ransomware by writing key in registry (HKEY_CLASSES_ROOT\adam\shell\open\command)

List

위로