Reverse Engineering the Behaviour of NotPetya Ransomware
R Lakshmi Prasanna Sai1, T. Pavan Kumar2
1R Lakshmi Prasanna Sai, M.Tech Student, Department of Computer Science and Engineering, Koneru Lakshmaiah Educational Foundation, Vaddeswaram, Guntur District (Andhra Pradesh), India.
2Dr. T. Pavan Kumar, Professor, Department of Computer Science and Engineering, Koneru Lakshmaiah Educational Foundation, Vaddeswaram, Guntur District (Andhra Pradesh), India.
Manuscript received on 24 March 2019 | Revised Manuscript received on 05 April 2019 | Manuscript Published on 18 April 2019 | PP: 574-578 | Volume-7 Issue-6S March 2019 | Retrieval Number: F03120376S19/2019©BEIESP
Open Access | Editorial and Publishing Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Recently Ransomware attack had a great impact on several sectors like, Banking & finance, Insurance, Healthcare, utility and energy, Manufacturing, Education, Public and Government sectors etc. One of the prominent type of ransomware that effected several computers across the world, including Ukraine, France, Russia, and England which hit the big time in 2017, however its effect still persists in 2018, and is referred to as NotPetya. This is destructive because it combines regular ransomware behaviour with stealthy transmission technquies. NotPetya encrypts the files and also master boot loader (MBR) which intercepts the booting process with a ransom note. Eventhough by paying the ransom, the data couldn’t have been recovered from the machine. This paper gives comprehensive technical analysis and reverse engineering of NotPetya ransomware.
Keywords: Ransom, Ransomware, NotPetya, Encryption, Reverse Engineering.
Scope of the Article: Reverse Engineering