
SentinelOne VS Zeon Ransomware – Detection, Response and Remediation

Zeon ransomware is a Python-based malware that was first reported in January 2022. The ransomware is packaged using PyInstaller and obfuscated using PyArmor, and is a predecessor to the Royal ransomware operation. In their ransom notes, Zeon’s operators threaten victims with public exposure of their internal data, stating that they will publish the data on their news website if the victim does not comply.

On execution, Zeon ransomware payloads attempt to stop any services or processes that could inhibit the encryption process, including backup processes, utilities, and security products from McAfee, Sophos, and Kaspersky. The ransomware uses both taskkill.exe and net.exe to terminate these processes.

To achieve persistence, Zeon generates and executes a scheduled task via cmd.exe. SentinelOne Singularity XDR protects against Zeon ransomware attacks.
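The behaviour described above (one process stopping security and backup software through taskkill.exe and net.exe, then creating a scheduled task via cmd.exe) can be hunted for in process-creation logs. The following is an added example, not SentinelOne's detection logic; the pipe-delimited log layout, the sample events, the 60-second window, the threshold of three, and the use of `schtasks /create` as the task-creation command are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed process-creation events: time|parent PID|image|command line.
# The layout, service names and process names are invented for this example.
SAMPLE_EVENTS = """
2022-01-20T10:00:01|4312|net.exe|net stop "Sophos Example Service" /y
2022-01-20T10:00:02|4312|taskkill.exe|taskkill /F /IM mcafee_example.exe
2022-01-20T10:00:03|4312|net.exe|net stop "Kaspersky Example Service" /y
2022-01-20T10:00:04|4312|taskkill.exe|taskkill /F /IM backup_example.exe
2022-01-20T10:00:09|4312|cmd.exe|cmd.exe /c schtasks /create /tn ExampleTask /tr example.exe /sc onlogon
2022-01-20T11:30:00|988|net.exe|net stop Spooler
2022-01-20T11:45:00|2040|taskkill.exe|taskkill /IM notepad.exe
"""

STOP_RE = re.compile(r"\sstop\s|/im\s|/pid\s", re.I)
TARGET_RE = re.compile(r"mcafee|sophos|kaspersky|backup", re.I)
TASK_RE = re.compile(r"\bschtasks(\.exe)?\s.*/create\b", re.I)  # assumed tooling

def parse(text):
    for line in text.strip().splitlines():
        ts, ppid, image, cmd = line.split("|", 3)
        yield datetime.fromisoformat(ts), int(ppid), image.lower(), cmd

def detect(text, window=timedelta(seconds=60), threshold=3):
    """Return (parent PID, finding) tuples in event order."""
    kills = defaultdict(list)  # parent PID -> recent matching kill times
    burst_parents, findings = set(), []
    for ts, ppid, image, cmd in parse(text):
        if image in ("taskkill.exe", "net.exe"):
            if STOP_RE.search(cmd) and TARGET_RE.search(cmd):
                kills[ppid] = [t for t in kills[ppid] if ts - t <= window] + [ts]
                if len(kills[ppid]) >= threshold and ppid not in burst_parents:
                    burst_parents.add(ppid)
                    findings.append((ppid, "security/backup termination burst"))
        elif image == "cmd.exe" and TASK_RE.search(cmd):
            label = ("scheduled task created after termination burst"
                     if ppid in burst_parents else "scheduled task created via cmd.exe")
            findings.append((ppid, label))
    return findings

if __name__ == "__main__":
    for ppid, finding in detect(SAMPLE_EVENTS):
        print(f"parent PID {ppid}: {finding}")
```

A single `net stop` or `taskkill` from an administrator does not fire; only a burst against security or backup targets from one parent does, which keeps routine maintenance out of the results.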
