Neo23x0 / Raccine

A Simple Ransomware Vaccine
The Unlicense

Prometheus / Thanos Ransomware kills Raccine process #126

Closed certrik closed 3 years ago

certrik commented 3 years ago

In an article from Unit42 it is described that at least Prometheus / Thanos Ransomware actively tries killing Raccine processes in order to operate. https://unit42.paloaltonetworks.com/prometheus-ransomware/

It seems that Raccine will be needing advanced evasion techniques starting now in order to still be effective.

Neo23x0 commented 3 years ago

This shouldn't be a problem anymore. Newer versions of Raccine also intercept calls to taskkill.exe and kill the process that tries to kill Raccine.
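A detection-side sketch of the idea in the reply above, added here as an example and not Raccine's own code: it parses process-creation command lines and flags `taskkill` invocations whose `/IM` target matches a protected image, including wildcard targets. The image name `Raccine.exe`, the function names and the sample events are assumptions constructed for illustration.

```python
import fnmatch
import shlex

# Assumption: image names the defender wants to protect (not taken from the page).
PROTECTED_IMAGES = ["Raccine.exe"]

def taskkill_targets(command_line):
    """Return the /IM image patterns of a taskkill command line, [] for anything else."""
    try:
        # posix=False keeps Windows backslashes intact and quoted paths as one token.
        argv = shlex.split(command_line, posix=False)
    except ValueError:
        # Unbalanced quotes: fall back to plain whitespace splitting.
        argv = command_line.split()
    argv = [a.strip('"') for a in argv]
    if not argv:
        return []
    exe = argv[0].replace("/", "\\").rsplit("\\", 1)[-1].lower()
    if exe not in ("taskkill", "taskkill.exe"):
        return []
    targets = []
    for i, arg in enumerate(argv[:-1]):
        # Switches are case-insensitive; '-' is accepted as a prefix as well as '/'.
        if i > 0 and arg.lower() in ("/im", "-im"):
            targets.append(argv[i + 1])
    return targets

def targets_protected(command_line, protected=PROTECTED_IMAGES):
    """Return the protected images a taskkill command line would hit."""
    hits = set()
    for pattern in taskkill_targets(command_line):
        for image in protected:
            # /IM accepts '*' wildcards, so match as a pattern, case-insensitively.
            if fnmatch.fnmatchcase(image.lower(), pattern.lower()):
                hits.add(image)
    return sorted(hits)

def flag_events(events):
    """events: iterable of (pid, command_line); return the PIDs to alert on."""
    return [pid for pid, cmd in events if targets_protected(cmd)]

# Constructed sample process-creation events (pid, command line).
SAMPLE_EVENTS = [
    (4112, 'taskkill /F /IM Raccine.exe'),
    (4120, '"C:\\Windows\\System32\\taskkill.exe" -f -im rac*'),
    (4188, 'taskkill /F /IM notepad.exe'),
    (4200, 'tasklist /FI "IMAGENAME eq Raccine.exe"'),
    (4236, 'TASKKILL.EXE /im chrome.exe /IM RACCINE.EXE /t'),
]
```

Kills by `/PID` carry no image name on the command line, so they need a PID-to-image lookup that this sketch does not do.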