RRM+APM Ransomware Detection
This article documents the detection of Ransomware in RRM with APM.
Ransomware | APM Detection | RRM Detection | Notes |
|---|---|---|---|
WannaCry | Yes | No | RRM did not throw an alarm. |
Jigsaw | Yes |
| During run, W11 notifies that .NET 3.5 is required. RRM disables WUpdate .NET cannot install |
Mamba | Yes | N\A | Sample would not launch |
RedBoot | Yes | No | After windows format and reinstall, new Windows install detects remnants. |