Forum Discussion
Yogeesh143
Sep 15, 2025Copper Contributor
Ransomeware query
If any ransomware detection i need following query for advance hunting in defender
- Look for rapid file modification or creation or deletion
2. Rapid file encryption one
3. look for a ransom note
4. look for encryption algorithms
5. look for double extension
6. Also query for birth time of the file
1 Reply
- rahuljindalBronze Contributor
MDE will do that for you. If ransomware is detected, controlled folder access security settings with take care of quarantining and deleting necessary content and artefacts.