Skip to content

Commit

Permalink
Add report in PT and link to the OVA
Browse files Browse the repository at this point in the history
  • Loading branch information
@matheus-1618
matheus-1618 authored Sep 29, 2023
1 parent ec0973b commit d862093
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ Ryuk is believed to be operated by a cybercrime group known as Wizard Spider.
The primary purpose of Ryuk ransomware is to encrypt the victim's files, making them inaccessible.

Once the files are encrypted, Ryuk displays a ransom note, typically in a "RyukReadMe.txt" file, containing instructions on how to pay the ransom to obtain the decryption key.
It has some typical behaviours analysed in this [research](www.google.com), such as:
It has some typical behaviours analysed in this [research](https://github.com/matheus-1618/Atreus/blob/main/ryuk_data/Report_PT.pdf), such as:
* Multi-thread, calling CreateRemoteThread
* Process Injection through multiples process in the Machine
* AES256 encryption of files
Expand Down

0 comments on commit d862093

Please sign in to comment.