Рет қаралды 217
In this Ransomware Simulation scenario, the following has been performed against all three victims:
1. Deploy the Ransomware through Process Injection
2. Use custom file extensions (.lol)
3. Specify target directory to be encrypted (C:\Users\Windows10\Documents)
4. Add a note for the victim on Desktop
5. Change the wallpaper for the victim's system
6. Delete all volume shadow copies using method #1 (vssadmin)