maze | e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684 | Triage

Sharing

General

Target

e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe
Size

473KB
Sample

201206-a2l2ytq4bs
MD5

f83fb9ce6a83da58b20685c1d7e1e546
SHA1

01c459b549c1c2a68208d38d4ba5e36d29212a4f
SHA256

e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684
SHA512

934ec9073a28b90e8df785bef49f224789da59f83729208b92dba0503e2894b3f48ed04b20de1ba49374b1cd26f0c87e8e5ab79e817258135e3be2c171f3f396

Score

10^/10

maze ransomware spyware trojan

Malware Config

Targets

- Target
  
  e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684.exe
- Size
  
  473KB
- MD5
  
  f83fb9ce6a83da58b20685c1d7e1e546
- SHA1
  
  01c459b549c1c2a68208d38d4ba5e36d29212a4f
- SHA256
  
  e8a091a84dd2ea7ee429135ff48e9f48f7787637ccb79f6c3eb42f34588bc684
- SHA512
  
  934ec9073a28b90e8df785bef49f224789da59f83729208b92dba0503e2894b3f48ed04b20de1ba49374b1cd26f0c87e8e5ab79e817258135e3be2c171f3f396
Score

10^/10

maze ransomware spyware trojan
- Maze
  Ransomware family also known as ChaCha.
  trojan ransomware maze
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Defacement

Inhibit System Recovery

Tasks

static1

behavioral1

mazeransomwarespywaretrojan

behavioral2

mazeransomwarespywaretrojan