cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Dwee
Level 10
Report Inappropriate Content
Message 1 of 5

FEFG ransomware

Jump to solution

HI,

i just want to ask if mcafee already have this type of ransomware (.FEFG) covered ? and if already covered what is the latest amcore minimum coverage version ? because when i checked mvision insight mcafee still haven't coverage this threat yet, and is this latest DJVU ransomware new variant ? (the fefg),

we have some client encrypted with this ransomware (files encrypted to *.FEFG),

If we add mcafee ENS ATP what is the configuration for this threat? (policy , etc),

last thing, if we want to rise SR for this case, what the team needs ? fyi; we don't know where's the source file location (ransomware source file),

 

1 Solution

Accepted Solutions
Pravas
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: FEFG ransomware

Jump to solution

Hi @Dwee ,

Its difficult to verify Ransomware coverage just by variant name or file extension.

We require IOCs (Hash Values) to identify the exact sample. It can be then be added to coverage if found malicious.

We urge you to read about What is Ransomware in the link below.

https://www.trellix.com/en-in/security-awareness/ransomware/what-is-ransomware.html

Thanks

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

View solution in original post

4 Replies
Pravas
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: FEFG ransomware

Jump to solution

Hi @Dwee ,

I understand you would like to check coverage for a ransomware variant.

Please log a malware ticket with support with the following information.

1. List of hashes that are related to the ransomware.

2. Source from where these hashes were gathered.

Please refer Coverage for a hash or list of hashes in the KB below.

https://kc.mcafee.com/corporate/index?page=content&id=KB91459

Thanks

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Dwee
Level 10
Report Inappropriate Content
Message 3 of 5

Re: FEFG ransomware

Jump to solution

Hi Pravas,

thanks for your reply, what i meant is that what type of ransomware that encrypted our clients ? (files encrypted into *.FEFG), and  Has mcafee covered this type of ramsomware?

Pravas
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: FEFG ransomware

Jump to solution

Hi @Dwee ,

Its difficult to verify Ransomware coverage just by variant name or file extension.

We require IOCs (Hash Values) to identify the exact sample. It can be then be added to coverage if found malicious.

We urge you to read about What is Ransomware in the link below.

https://www.trellix.com/en-in/security-awareness/ransomware/what-is-ransomware.html

Thanks

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Dwee
Level 10
Report Inappropriate Content
Message 5 of 5

Re: FEFG ransomware

Jump to solution

yes Pravas, true we do need the correct sample file for analyze, but sadly the client already reinstall the unit without inform us to collect the sample, like Prakash also said same as yours (the one who handle my case) , i tried collect info about this extension ransomware in mvision insight and others source  it seems maybe  this is a new variant from Djavu family, 

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community