Рет қаралды 337
n this Ransomware Simulation scenario, the following has been performed against all three victims:
1. Deploy the Ransomware through Process Injection
2. Use custom file extensions (.lol)
3. Target a custom set of files: *.txt, *.pdf, and *.docx
4. Specify target directory to be encrypted (C:\Users\Windows10\)
5. Add a note for the victim on Desktop
6. Change the wallpaper for the victim's system
7. Delete all volume shadow copies using method #2 (WMI)