Category: Colin Hardy YouTube channel
Analysis of PETYA Ransomware running live on a computer
Petya Ransomware could be called WannaCry V3 as it is using the same EternalBlue / DoublePulsar code. It starts running via a Windows DLL. In the video below Colin runs Petya on a computer to be able to study it.
Video is courtesy of the Colin Hardy YouTube channel
Running demo of WannaCry v2 Ransomware Binary
WnnaCry Version 2 Ransomware is out. I had mentioned it in a prior post. The main difference is that the Kill SwitchCode has been removed. It is still a Worm which can spread across a Windows Server-based network, using the SMB v1.0 protocol.
In the video below the actual Binary Code of the WannaCry V2 Ransomware is run in a virtual environment.
Video is courtesy of the Colin Hardy YouTube channel.
Click on this link to view other CyberSecurity related posts found on Uniquely Toronto.
Posted by Vincent Banial
Uniquely Toronto 