CHECKLIST
For Worry-Free Business Security Services (WFBS-SVC) customers, please follow the Worry-Free Security Services Checklist to protect the network from REvil Ransomware. Please contact Trend Micro support for any assistance needed in configuring your protections from this threat.
Trend Micro customers who run specialized system like POS terminals running at times on legacy OS such as Windows Embedded XP very often cannot run real time AV/AM scanners equipped with the latest detection techniques, for such customers Txone Stellar Enforce and Portect software agent which can be installed on legacy OS systems and provide adequate protection against of the different type of Ransomware attacks including REvil.
Please contact Trend Micro Technical Support for any assistance needed in configuring your protections from this threat.
PROACTIVE IOC ASSESSMENT
For Worry-Free XDR or Worry-Free EDR customers, please use the following Indicators of Compromise below to initiate a proactive IOC Assessment across your network and take necessary mitigation actions.
For MSP partners, you can perform the IOC Assessment across Worry-Free XDR and Worry-Free EDR customers from your Remote Manager console – Instructions.
| INDICATOR | TYPE |
|---|---|
| 8dd620d9aeb35960bb766458c8890ede987c33d239cf730f93fe49d90ae759dd | SHA-256 |
| 2093c195b6c1fd6ab9e1110c13096c5fe130b75a84a27748007ae52d9e951643 | SHA-256 |
| d55f983c994caa160ec63a59f6b4250fe67fb3e8c43a388aec60a4a6978e9f1e | SHA-256 |
| e2a24ab94f865caeacdf2c3ad015f31f23008ac6db8312c2cbfb32e4a5466ea2 | SHA-256 |
For TxOne Stellar customers, please use the following indicators (User-Defined Suspicious Objects).
| User-Defined Suspicious Objects (UDSO) | TYPE |
|---|---|
| e1d689bf92ff338752b8ae5a2e8d75586ad2b67b | SHA-1 |
| 656c4d285ea518d90c1b669b79af475db31e30b1 | SHA-1 |
| 5162f14d75e96edb914d1756349d6e11583db0b0 | SHA-1 |