CryptoFortress Ransomware

Forum for analysis and discussion about malware.
Post Reply
Sargerras
Posts: 9
Joined: Mon May 13, 2013 12:23 pm

Thu Mar 12, 2015 12:34 pm

Рello,

Some more of cryptolocker copycats
You do not have the required permissions to view the files attached to this post.
User avatar
Artilllerie
Posts: 25
Joined: Thu Dec 13, 2012 11:32 am

Fri Mar 13, 2015 4:46 pm

Thx Sargerras.

A screen about this sample using the easy way for deleting shadow copy snapshots :

Image
SimonZerafa
Posts: 6
Joined: Wed May 26, 2010 4:25 pm

Mon Mar 16, 2015 11:14 am

Hi,

Any signs that this malware might be able to work around a SRP to prevent VSSADMIN from running? e.g running as SYSTEM or similar?

Kind Regards

Simon
Post Reply