- Distribution Method : Unknown
- MD5 : be7b200d211566a3a91c7f832559b461
- Major Detection Name : Trojan.Ransom.GandCrab.C (BitDefender), Ransom_GANDCRAB.THCOFH (Trend Micro)
- Encrypted File Pattern : .CRAB
- Payment Instrucition File : CRAB-DECRYPT.txt
- Major Characteristics :
- Block processes execution (msftesql.exe, oracle.exe, sqlagent.exe, sqlbrowser.exe, sqlservr.exe, sqlwriter.exe etc.)
- Disable system restore (WMIC.exe shadowcopy delete)
- DASH Digital Currency demand
List