Videos

Check out our video library AppCheck defending against newest ransomware, automatic recovery and real-time backup.

  • Distribution Method : Unknown
 
  • MD5 : 46f5092fcedc2fee4bfbd572dd2a8f6f
 
  • Major Detection Name : Trojan.Ransom.Rapid.A (BitDefender), Ransom/W32.Rapid.921088 (nProtect)
 
  • Encrypted File Pattern : .rapid
 
  • Malicious File Creation Location :
         - C:\Users\%UserName%\AppData\Roaming\info.exe
         - C:\Users\%UserName%\AppData\Roaming\recovery.txt
 
  • Payment Instrucition File : How Recovery Files.txt / recovery.txt
 
  • Major Characteristics :
         - Offline Encryption
         - Block processes execution (oracle.exe, sql.exe, sqlite.exe)
         - Disable system restore (vssadmin.exe Delete Shadow /All /Quiet, bcdedit.exe /set {default} recoveryenabled No, bcdedit.exe /set {default} bootstatuspolicy ignoreallfailures)

List

위로