# Ransomware Simulator | ManageEngine Endpoint Central

## Ransomware Simulator by Endpoint Central

The simulator allows users to assess Endpoint Central's Anti-Ransomware capabilities. Ransomware Simulator provides an overview of how ransomware operates without impacting actual files on your system. It offers a safe and controlled environment to understand the behavior of ransomware attacks, by simulating encryption of decoy files.

**Download the simulator by accessing this** [link](https://downloads.zohocorp.com/dnd/Endpoint_Central/V5wE82MdG7gO9yh/RansomwareSimulator.zip)**.**

**Note:** Before proceeding further make sure Endpoint Central agent is installed.

## Executing Ransomware Simulator

To unzip the **MEEDRRansomwareSimulator.zip** file and execute the appropriate version of **MEEDRRansomSimulator.exe** based on your machine architecture, follow these steps:

- Locate the **MEEDRRansomwareSimulator.zip** file on your computer.
- Right-click on the file and select **Extract All** or use a file compression software such as WinZip or 7-Zip to extract the contents of the zip file to the desired location.

### If your machine is 64-bit:

- After extracting the contents, navigate to the extracted folder and find the **x64** directory.
- Inside the **x64** folder, locate the **MEEDRRansomSimulator.exe** file.
- Execute the **MEEDRRansomSimulator.exe** file.
- Open the Command Prompt by pressing Win + R, typing `cmd`, and pressing Enter.
- In the Command Prompt, navigate to the location where the **MEEDRRansomSimulator.exe** file is located. For example, if it's in the extracted folder, you can use the `cd` command to change to that directory. For instance, if the extracted folder is on the desktop, you would type:

```
cd C:\Users\YourUsername\Desktop\ExtractedFolder\x64
```

### If your machine is 32-bit (x86):

- After extracting the contents, navigate to the extracted folder and find the **x86** directory.
- Inside the **x86** folder, locate the **MEEDRRansomSimulator.exe** file.
- Open the Command Prompt by pressing Win + R, typing `cmd`, and pressing Enter.
- In the Command Prompt, navigate to the location where the **MEEDRRansomSimulator.exe** file is located. For example, if it's in the extracted folder, you can use the `cd` command to change to that directory. For instance, if the extracted folder is on the desktop, you would type:

```
cd C:\Users\YourUsername\Desktop\ExtractedFolder\x86
```

- Once you're in the correct directory, execute the **MEEDRRansomSimulator.exe** file with the command-line argument `-enc` by typing the following command and pressing Enter:

```
MEEDRRansomSimulator.exe -enc
```

![Ransomware Simulator](https://www.manageengine.com/products/desktop-central/help/images/ransomware-simulator-cmd.png)

- This launches the appropriate version of **MEEDRRansomSimulator.exe** based on your machine architecture and, in the case of the x86 version, with the specified command-line argument.

Once the simulator has been executed, open **Endpoint Central** console. Under the **Incidents** tab, the incident will be listed. Review all the details and examine the available information and associated details regarding the incident. All files are restored successfully.