In the previous article we saw how Angela had deduced that the attackers had entered the computer used to connect to the DC from another computer using the PsExec tool. Determined to find the PsExec, Angela begins by converting the MFT extracted by CyLR with mftdump.exe to ….

➤ Read More: https://www.securityartwork.es/2021/07/27/ransomware-ate-my-network-iv-2/

By admin