App Review GOLDENEYE Ransomware!Demonstration of attack video review.

GrujaRS · Dec 6, 2016

Mischa Ransomware updated in GOLDENEYE Ransomware!

DardiM · Dec 6, 2016

Thanks for your great video review

Antivirus scan for b5ef16922e2c76b09edd71471dd837e89811c5e658406a8495c1364d0d9dc690 at 2016-12-06 21:00:01 UTC - VirusTotal
https://www.hybrid-analysis.com/sam...5e658406a8495c1364d0d9dc690?environmentId=100

Anker_by · Dec 6, 2016

I follow you on youtube and see thanks for sharing!!

cruelsister · Dec 7, 2016

Note that with this new malware the Mischa component is dropped only when the original malware vector can't get Admin privilege. Otherwise you'll see the usual system repair screens while the malware is messing with the MBR, and when finished you'll get the "skull and crossbones" ransom screen- this time in Yellow. Petya 1 and 2 were Red and Green, respectively (or was it the other way around?),

tim one · Dec 7, 2016

I wonder to myself if they fixed the problem of the old version: by extracting 512 verification bytes from sector 55 and 8 bytes from the sector 54 of the infected drive (both encoded in Base64), it was possible to generate the decryption key needed to unlock the data.

Indeed...useless question, they will fix that for sure

Search

App Review GOLDENEYE Ransomware!Demonstration of attack video review.

GrujaRS

Level 5

DardiM

Level 26

Anker_by

Level 4

cruelsister

Level 43

tim one

Level 21

Similar threads