Gradcrab 5.2 is the type of ransomware variant that encodes data that is spread by Phishing. An email with an attachment containing malicious code will be sent to the user. This is the Advanced malware stream, it can bypass some Mail Servers and this email will reach the user’s mailbox. Here is how Sophos’s Antivirus software is Sophos Endpoint Protection to detect, prevent and analyze this virus
How is Sophos Endpoint Protection work
- This is an email that users often receive recently, with attachments with fake content from the Ministry of Public Security
- When the user opens the attachment, it is a fake .doc script (if you look closely, this is an executable file with the .exe extension)
- With the computer, there is Sophos Endpoint Protection Antivirus software, when the file is executed by the user. Immediately, Sophos will detect within 1 mili seconds and prevent the execution of the encrypted file
- All information about Gandcrab encrypted virus will be alerted immediately on Sophos Antivirus software
- The system administrator will receive a warning about this new virus at Sophos Central immediately
- Administrators can view detailed information about this Virus
- Besides the features on Sophos Central, the administrator can view details about the virus’s spread path
- With Sophos Central it is possible to view the level of virus assessment based on Deep Learning
- A complete detailed assessment of the encryption attack of ransomware Gandcrad 5.2
- Sophos software can also view the IP address that this virus connects to in order to update the Firewall
- Administrators can querantine and scan that computer instantly with Sophos Central
- See the HASH code of the virus
- With the new feature of Sophos Central updated this year, it is possible to check whether the system is infected with this system by EDR Threat Search feature
** If you have difficulty configuring or you want to learn more about Sophos products in VietNam, contact us:
EMAIL: info@thegioifirewall.com
HOTLINE: 02862711677
Leave a Reply