Maze
Maze ransomware. EFS EncryptionDisable. WinCrypt full suite. NtQueryEaFile EA query. Active 2019-2020. Double extortion pioneer.
Threat Profile
Type
Ransomware
Programming Language
C++
C2 Protocol
HTTPS
First Seen
2019
Targets
Enterprise
Purpose / Capabilities
- Ransomware (Double Extortion)
No C2 servers have been identified for this family yet.
Research Reports (2)
Maze2 -- EncryptionDisable EFS Disabled, CryptGenKey CryptExportKey Full WinCrypt Suite, NtQueryEaFile EA Query | Critical
Maze2 920KB. EncryptionDisable disables file system encryption. CryptGenKey CryptExportKey CryptEncrypt CryptDecrypt full WinCrypt suite. NtQueryEaFile.
Maze Ransomware -- 786KB, .PjRW PE Section, BTC Wallets, CFG Protected | Critical
Maze 786KB. Custom .PjRW PE section. BTC wallet 11HKJMwrq. CFG check. RSA encryption.