might be a variety of TeslaCrypt, ransomeware

Question

Hello, 
 I am Yuriko, I would like to ask a virus / malware issue that has not detected with Sophos Endpoint Software. 
 There is a pc that might be infected with a new variety of TeslaCrypt, ransomeware and all files were encrypted with filename.xxx, Trend virus baster installed on that pc but not detected anything. 
 I tired to download Sophos Endpoint Software and installed it onto the affected pc, scanned all but nothing detected. 
 According to the information of this ransomeware, it will be vanished away of itsefl after the virus behavior was taken. 
 I am not a corporate user of Sophos but a trial user. In this case, I am wondering whether or not Sophos could investigate to release new identities if I provide some files to your lab. 
 If this is not appropriate community, please let me know where i find it. Thank you, 
 Yuriko

QC · Accepted Answer

Hello Yuriko, 
 that you create I'm not Sophos [:)]. 
 In order to detect new variants unless it's forcibly interrupted (notice it, cut the power, then slave the disk) you'll rarely find a trace of the actual malware. It has to get downloaded and started by some means though and, as said, if you can find parts of the stuff which took part in preparing the threat it might help to improve detection of the early stages. Please note that there are not only specific definitions and static scanning. Generic definitions as well as - to some extent - monitoring running processes can flag (and block) "early stage" components. Submitting samples of these files and the subsequent analysis can also lead to improved detection. 
 Christian