Jump to content

Ransonware attack

Recommended Posts

Good afternoon We have server that was infected with a Ransomware. It was possible to extract some of the information from the SysCollector, and various information to determine a possible solution


efsw_logs.zip efsw_logs2.zip efsw_logs3.zip Ransonware.rar

Link to comment
Share on other sites

  • Administrators

Files were encrypted by Filecoder.Crysis. Decryption is not possible.

Unfortunately ELC logs appear not to be collected properly. Please make sure that ESET is installed, activated and updated prior to collecting logs with ELC. Also I'd recommend installing the latest version of EFSW 7.1 over the existing 6.5 first.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...