Amnesia Ransomware&.bvd

Rampant ✭✭
edited April 2019 in Privacy


Hello. This crypto ransomware encrypts files with the extension .bvd! I want to draw the attention of the antivirus developers!


It is distributed via RDP, or may begin to spread via email, spam and malicious attachments, fraudulent downloads, botnets, exploits, web injects, fake updates and repacked infected installers. See also "Key distribution methods of crypto-ransomware" on the introductory page of the blog. After gaining access to the system, the coder deletes all shadow copies of files and registers itself in the Windows startup folder, to be run at every system startup. It encrypts the first 1 MB of the files using AES-256 in ECB mode. After that, the extension .amnesia is added to the encrypted file. Amnesia uses the victim's identity template, consisting of 614 characters. List of file extensions that are encrypted:


 


amnesia-ext1.jpg


http://id-ransomware.blogspot.com/2017/05/amnesia-ransomware.html
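
For triage, the "first 1 MB only" behaviour described above leaves a measurable trace: the start of an affected file looks like random data while the bytes after it are still plaintext. The following is an added example, not code from the post or the linked blog; the function names, the `high` and `gap` thresholds, the reading of 1 MB as 1 MiB and the sample files are all assumptions made for illustration.

```python
import math
import os
import tempfile
from collections import Counter

HEAD = 1024 * 1024  # per the post, only the first 1 MB of each file is encrypted

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def head_tail_entropy(path, head=HEAD):
    """Entropy of the first `head` bytes and of the same-sized chunk after it."""
    with open(path, "rb") as f:
        return entropy(f.read(head)), entropy(f.read(head))

def looks_partially_encrypted(path, head=HEAD, high=7.9, gap=1.0):
    """True when the head looks like ciphertext but the bytes after it do not.

    `high` and `gap` are illustrative thresholds, not values from the post.
    Files that fit inside `head` have no tail to compare, so they are not
    flagged: high entropy alone cannot separate ciphertext from compression.
    """
    if os.path.getsize(path) <= head:
        return False
    h, t = head_tail_entropy(path, head)
    return h >= high and (h - t) >= gap

def demo():
    """Build three constructed sample files and return the verdict for each."""
    text = b"Quarterly report: revenue, costs and forecasts by region.\n" * 40000
    samples = {
        # random bytes stand in for the encrypted first 1 MB, plaintext follows
        "partially_encrypted": os.urandom(HEAD) + text[:HEAD],
        "plain_document": text,
        # random throughout, like an archive or an already compressed file
        "compressed_like": os.urandom(2 * HEAD),
    }
    verdicts = {}
    with tempfile.TemporaryDirectory() as d:
        for name, blob in samples.items():
            path = os.path.join(d, name + ".bin")
            with open(path, "wb") as f:
                f.write(blob)
            verdicts[name] = looks_partially_encrypted(path)
    return verdicts
```

Because ECB encrypts identical 16-byte plaintext blocks to identical ciphertext blocks, a very repetitive file head can score below the `high` threshold, so a negative result is inconclusive rather than a clean bill of health.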

Comments

  • Rampant ✭✭
    edited April 2019


    I want to clarify the .bvd extension, use Bitdefender to create an encrypted disk.


    The Bitdefender File Vault enables you to create encrypted, password-protected logical drives (or vaults) on your computer where you can securely store your confidential and sensitive documents. Physically, the vault is a file stored on the local hard drive having the .bvd extension. When you create a file vault, two aspects are important: the size and the password.


    https://www.bitdefender.com/consumer/support/answer/2106/


  • Hello,


        We are properly detecting all Amnesia ransomware samples we have encountered so far, and we are constantly updating our heuristics to cover new cases (samples) as we find them.


        Thank you.