Thesis Details

Metody analýzy a detekce ransomwaru

Bachelor's Thesis Student: Vojtáš Samuel Academic Year: 2021/2022 Supervisor: Zobal Lukáš, Ing.

The purpose of this thesis is to demonstrate the threat of malware and to describe its forms. Special focus is put on ransomware - its historical evolution, method of analysis, detection, and recovery from it. Various techniques of reverse engineering are also introduced alongside concepts related to it, such as static and dynamic analysis or sandboxing. Paper centers around creating detection mechanisms and malware classification. Company Avast provided samples of several ransomware families for the analysis to create detection YARA rules and to describe samples' behavior. The process of development of detection mechanisms for ransomware threats is shown alongside the method to decrypt files encrypted by various ransomware families that contained cryptography errors. The end of the thesis sums up the resulting data regarding the efficiency of defense mechanisms.


Malware, Reverse engineering, Ransomware, Cryptography, YARA

Degree Programme
defended, grade A
14 June 2022
Hanáček Petr, doc. Dr. Ing. (DITS FIT BUT), předseda
Malinka Kamil, Mgr., Ph.D. (DITS FIT BUT), člen
Milet Tomáš, Ing., Ph.D. (DCGM FIT BUT), člen
Ryšavý Ondřej, doc. Ing., Ph.D. (DIFS FIT BUT), člen
Strnadel Josef, Ing., Ph.D. (DCSY FIT BUT), člen
VOJTÁŠ, Samuel. Metody analýzy a detekce ransomwaru. Brno, 2022. Bachelor's Thesis. Brno University of Technology, Faculty of Information Technology. 2022-06-14. Supervised by Zobal Lukáš. Available from:
    author = "Samuel Vojt\'{a}\v{s}",
    type = "Bachelor's thesis",
    title = "Metody anal\'{y}zy a detekce ransomwaru",
    school = "Brno University of Technology, Faculty of Information Technology",
    year = 2022,
    location = "Brno, CZ",
    language = "slovak",
    url = ""
Back to top