no code implementations • 15 Dec 2020 • Simon R. Davies, Richard Macfarlane, William J. Buchanan
The resulting generated timelines provided a excellent way to visualise the behaviour of the ransomware and the encryption key management practices it employed, and from a forensic investigation and possible mitigation point of view, when the encryption keys are in memory.
Cryptography and Security E.3; K.6.5