Analysis of PETYA Ransomware running live on a computer

Petya ransomware could be called WannaCry V3, as it uses the same EternalBlue / DoublePulsar code. It starts running via a Windows DLL. In the video below, Colin runs Petya on a computer in order to study it.

Video is courtesy of the Colin Hardy YouTube channel
