Home / malware
First posted on 29 June 2017.
There are no other names known for Ransom:DOS/Petya.A.
This threat may be installed by malicious documents with embedded macro code and distributed via email. We have seen this threat installed by malicious documents detected as Trojan:O97M/Goldeneye.A.
Upon execution, this threat overwrites the Master Boot Record (MBR) with Ransom:DOS/Petya.A, and encrypts system drive sectors.
It then forces the PC to restart, after which you get the following message, which contains instructions to purchase a key to unlock the system.
Last update 29 June 2017