MedusaLocker uses a batch file to execute a PowerShell script, called invoke-Reflective PEInjection. Attacks typically restart machines in safe mode to avoid detection by security software.
Support the originator by clicking the read the rest link below.