Maze

Maze ransomware. EFS disabled via EncryptionDisable. Full WinCrypt suite. NtQueryEaFile EA query. Active 2019-2020. Double extortion pioneer.

Threat Profile
Type: Ransomware
Programming Language: C++
C2 Protocol: HTTPS
First Seen: 2019
Targets: Enterprise
Purpose / Capabilities
  • Ransomware (Double Extortion)
No C2 servers have been identified for this family yet.

Research Reports (2)

Critical

Maze2 -- EncryptionDisable EFS Disabled, CryptGenKey CryptExportKey Full WinCrypt Suite, NtQueryEaFile EA Query | Critical

Maze2 920KB. EncryptionDisable disables file system encryption. CryptGenKey CryptExportKey CryptEncrypt CryptDecrypt: full WinCrypt suite. NtQueryEaFile.

Critical

Maze Ransomware -- 786KB, .PjRW PE Section, BTC Wallets, CFG Protected | Critical

Maze 786KB. Custom .PjRW PE section. BTC wallet 11HKJMwrq. CFG check. RSA encryption.
