Petya Ransomware Without The Fluff
ID: c93b38f9-e25b-58f5-98d4-f9cbaf08c427
STIX ID: report--c93b38f9-e25b-58f5-98d4-f9cbaf08c427
Feed Name: Binary Defense Blog
Binary Defense's analysis of the June 2017 NotPetya/Petya outbreak attributes the rapid, destructive compromise to a supply-chain update from the Ukrainian accounting software M.E.Doc that deployed a perfc.dat payload and combined EternalBlue worming with credential theft (Mimikatz) and legacy PsExec/WMIC lateral movement. The report includes a SHA256 indicator, targeted file extensions, observed behaviors, and mitigations (block perfc.dat, patch MS17-010, remove admin rights).
