#NotPetya and #Petya compared: any hope for
decrypting files?
Positive
Technologies expert Dmitry Sklyarov provides here his comparison of NotPetya
ransomware, which attacked companies this week, with a sample of Petya from
2016. Is decryption of ransomed files possible? And what does the code tell us
about the malware's creation?
This post
considers the portions of the two viruses responsible for MFT encryption. This
encryption runs when the ransomware has administrator rights.