Your plan sounds reasonable. If you can mount it as a non-system drive, you reduce chances of malware propagating. As was mentioned, there is a likelihood the files and/or OS have been encrypted. If so, investigate the various types of ransomware that have been been cracked, e.g. Petya, CryptoLocker or other known type; perhaps it can be salvaged.
In any event, salvage any documents you can, but abandon any executables.
Finally, if it were my drive, I would then completely format it and put on a new OS from scratch. If you can obtain valid Windows installation media, reinstall from that. However, when a friend fell victim to such a ransomeware scam, after I showed him how user-friendly Ubuntu was, and how similar to his previous Windows OS, he felt comfortable switching to that Linux flavor. Ubuntu also comes with LibreOffice suite, Thunderbird and Firefox, so if you mother likes those applications, it is far faster to install than Windows plus MS Office.