To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Infection with Regedit Files

cetil35
cetil35 W/ Alumni Posts: 4 Security Scout
edited October 2023 in WithSecure Elements Endpoint Detection and Response


Hello all,

We had 2 different infected PCs in different times and I want to investigate why it is affecting especially registries.

Did you ever experienced such an infection? Or do you have any ideas about more detailed investigations? Or maybe its just a FP, not sure.


2023-03-06 12_55_33.png
2023-03-06 12_53_20-.png

Thanks in advance

Ilke

Answers

  • Sethu Laks
    Sethu Laks W/ Partner, W/ Staff, W/ Moderator Posts: 216 Moderator

    Hi @cetil35.

    We need to analyze the virus sample for the detection you shared above. Please send the malware samples to our WithSecure Lab for further research, as that is what we recommend in the first place.

  • cetil35
    cetil35 W/ Alumni Posts: 4 Security Scout

    Hi Sethu,


    Thanks for your answer. Unfortunately, both PCs have been reinstalled so we lost the samples.


    Should we wait for the next incident then or can we somehow check it deeply?

  • Sethu Laks
    Sethu Laks W/ Partner, W/ Staff, W/ Moderator Posts: 216 Moderator
    edited March 2023

    Hi @cetil35

    Yes, It is because the sample file allows our virus lab to do a deeper analysis of the file and add it to our database. So please try to collect the sample and submit to our virus lab in future case.

This discussion has been closed.

Categories