Infection with Regedit Files

cetil35
cetil35 Posts: 4 Explorer
in WithSecure Elements Endpoint Detection and Response


Hello all,

We had 2 different infected PCs in different times and I want to investigate why it is affecting especially registries.

Did you ever experienced such an infection? Or do you have any ideas about more detailed investigations? Or maybe its just a FP, not sure.


2023-03-06 12_55_33.png
2023-03-06 12_53_20-.png

Thanks in advance

Ilke

Genius Agree Like Awesome

Answers

  • Sethu Laks
    Sethu Laks Posts: 125 Moderator

    Hi @cetil35.

    We need to analyze the virus sample for the detection you shared above. Please send the malware samples to our WithSecure Lab for further research, as that is what we recommend in the first place.

    Genius Agree Like Awesome
  • cetil35
    cetil35 Posts: 4 Explorer

    Hi Sethu,


    Thanks for your answer. Unfortunately, both PCs have been reinstalled so we lost the samples.


    Should we wait for the next incident then or can we somehow check it deeply?

    Genius Agree Like Awesome
  • Sethu Laks
    Sethu Laks Posts: 125 Moderator
    edited March 9

    Hi @cetil35

    Yes, It is because the sample file allows our virus lab to do a deeper analysis of the file and add it to our database. So please try to collect the sample and submit to our virus lab in future case.

    Genius Agree Like Awesome

Categories