2021
DOI: 10.14421/ijid.2021.2423

Analysis of Conti Ransomware Attack on Computer Network with Live Forensic Method

Abstract: Ransomware viruses have become a dangerous threat increasing rapidly in recent years. One of the variants is Conti ransomware that can spread infection and encrypt data simultaneously. Attacks become a severe threat and damage the system, namely by encrypting data on the victim's computer, spreading it to other computers on the same computer network, and demanding a ransom. The working principle of this Ransomware acts by utilizing Registry Query, which covers all forms of behavior in accessing, deleting, crea…

Cited by 12 publications (11 citation statements)
References 24 publications

“…ix. The Conti [33] ransomware is a highly advanced and complex malware that uses a sophisticated encryption algorithm to encrypt files on a victim's computer system. It can spread through a network, infecting other connected systems.…”
Section: Focused Ransomware Variants
Citation type: mentioning
confidence: 99%
“…A network can be identified as being under attack or as having been attacked through the logs that record computer activity. Logs play an important supporting role in the investigation process, particularly in network forensics [14].…”
Section: Introduction
Citation type: unclassified
“…To the best of our knowledge, there is only one academic paper about the Conti ransomware. In [21], the authors focus on preliminary static analysis and primary behavior analysis of the ransomware on a computer network. They use a 2021 sample of the Conti ransomware.…”
Section: B Conti Ransomware
Citation type: mentioning
confidence: 99%
“…The source code also shows API hashing techniques and dynamic API loading. In [21], the network behavior analysis shows how Conti ransomware can spread and encrypt network files. This study lacks some critical information about the Conti ransomware, such as all its libraries, API calls, API hashing algorithm, encryption flow, and encryption algorithm.…”
Section: B Conti Ransomware
Citation type: mentioning
confidence: 99%