Skip to main content
Security Scorecard

A Detailed Analysis Of The Last Version Of REvil Ransomware

A Detailed Analysis Of The Last Version Of REvil Ransomware

REvil/Sodinokibi ransomware has been active since 2019, with breaks due to law enforcement. The malware comes with an RC4 encrypted configuration, kills a list of targeted processes, and stops some specified services. It also deletes all Volume Shadow Copies using WMI and targets logical drives and network shares.

Join us in making the world a safer place.