Is this host protected from Maui Ransomware?

/static/assets/windows-logo.svg
CISA released an advisory in July 2022 on Maui ransomware which has been used by North Korean state-sponsored actors since at least May 2021 to encrypt files in infected hosts. This TTP uses a defanged (non-malicious) version of Maui which can be used to check if the ransomware is detected. Endpoint detection should identify Maui ransomware samples and respond before they can cause damage.
locked
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.

Login

Test this TTP

Download Operator (1.7.0)