MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Add Maze Ransomware

pull/480/head
rmkml 2019-11-21 00:57:50 +01:00
parent 9410326ea2
commit 90bc667988
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
clusters/ransomware.json
View File

@ -13556,7 +13556,20 @@
}, },
"uuid": "6cea5546-1e2c-333a-4faf-033d461360b5", "uuid": "6cea5546-1e2c-333a-4faf-033d461360b5",
"value": "Desync" "value": "Desync"
},
{
"description": "Maze Ransomware encrypts files and makes them inaccessible while adding a custom extension containing part of the ID of the victim. The ransom note is placed inside a text file and an htm file. There are a few different extensions appended to files which are randomly generated.",
"meta": {
"encryption": "ChaCha20 and RSA",
"refs": [
"https://malpedia.caad.fkie.fraunhofer.de/details/win.maze",
"https://www.bleepingcomputer.com/news/security/maze-ransomware-now-delivered-by-spelevo-exploit-kit/",
"https://www.proofpoint.com/us/threat-insight/post/ta2101-plays-government-imposter-distribute-malware-german-italian-and-us"
]
},
"uuid": "7cea8846-1f3d-331a-3ebf-055d452351b6",
"value": "Maze"
} }
], ],
"version": 71 "version": 72
} }