Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ransomware-propagation to mapped drives


  • This topic is locked This topic is locked
2 replies to this topic

#1 dmerck

dmerck

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:28 PM

Posted 19 June 2015 - 10:53 AM

Hello everybody,

 

I am new to this site but looking forward to taking advantage of a great resource.

 

I'd like to ask about the behavior of a ransom-ware type virus that recently infected my network.  We recently had a situation where the virus encryption files were discovered on a mapped network drive and in the process of encrypting.  Analysis showed ownership of the dropped files to be a user workstation.  The workstation was taken offline and the server files restored from backup.  All good.  However, I expected the users PC to be encrypted and unusable.  This was not the case, no ransom-ware splash page etc.  Additional analysis showed the files were dropped on the PC 47 days before they began encryption on the mapped drives.

 

Any thoughts?  Thanks.



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,951 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:28 PM

Posted 23 June 2015 - 10:18 PM

Greetings,

Since this forum is for the removal of malware I would suggest you pose your question here. They may be better equipped to give you some assistance.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,951 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:28 PM

Posted 23 June 2015 - 10:18 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users