#NotPetya and #Petya compared: any hope for decrypting files?
Positive Technologies expert Dmitry Sklyarov provides here his comparison of NotPetya ransomware, which attacked companies this week, with a sample of Petya from 2016. Is decryption of ransomed files possible? And what does the code tell us about the malware's creation?
This post considers the portions of the two viruses responsible for MFT encryption. This encryption runs when the ransomware has administrator rights.