AUS
NZ
UK
CA
USA
FRA
GER
ESP
ITA
NLD
PRT
SWE
GRC
IND
POL
BRA
ZAF
RUS
CHN
UAE
DUBAI, DUBAI, UNITED ARAB EMIRATES, April 22, 2025 /EINPresswire.com/ -- ANY.RUN, a leading provider of interactive malware analysis and threat intelligence services, has released a new report by Mauro Eldritch detailing the emerging PE32 Ransomware, a rapidly spreading threat that poses significant risks to organizations across industries.
𝐏𝐄𝟑𝟐 𝐑𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞: 𝐀 𝐆𝐫𝐨𝐰𝐢𝐧𝐠 𝐓𝐡𝐫𝐞𝐚𝐭 𝐭𝐨 𝐂𝐨𝐫𝐩𝐨𝐫𝐚𝐭𝐞 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲
PE32’s ability to encrypt critical files and exfiltrate data threatens organizations in banking, retail, healthcare, manufacturing, and technology. Some of its key functionalities include:
· Rapid File Encryption: PE32 targets visible folders like the Desktop, appending a .pe32s extension, and begins encryption after minimal user interaction.
· Dual Ransom Demands: Unlike typical ransomware, PE32 employs a two-tier payment model: $700 to $7,000 for file decryption and $10,000 to 2 BTC for preventing data leaks.
· Telegram-Based Command and Control (C2): The ransomware uses the Telegram Bot API for communication, with exposed bot tokens making it traceable but no less disruptive.
Its lack of obfuscation and reliance on basic Windows libraries highlight inexperienced authors behind the threat, yet its active development signals growing danger.
Read detailed analysis of this ransomware strain on ANY.RUN’s blog.
𝐇𝐨𝐰 𝐀𝐍𝐘.𝐑𝐔𝐍 𝐇𝐞𝐥𝐩𝐬 𝐂𝐨𝐦𝐩𝐚𝐧𝐢𝐞𝐬 𝐃𝐞𝐭𝐞𝐜𝐭 𝐚𝐧𝐝 𝐀𝐧𝐚𝐥𝐲𝐳𝐞 𝐏𝐄𝟑𝟐
Using ANY.RUN’s Interactive Sandbox, organizations can analyze PE32 Ransomware in a secure, cloud-based environment. The service simplifies extraction of Indicators of Compromise (IOCs), monitors Telegram-based C2 activity, and maps attack behaviors, enabling faster response and recovery.
𝐀𝐛𝐨𝐮𝐭 𝐀𝐍𝐘.𝐑𝐔𝐍
ANY.RUN empowers organizations in banking, manufacturing, telecommunications, healthcare, retail, and technology with cutting-edge malware analysis and threat intelligence. Its cloud-based Interactive Sandbox, paired with advanced tools like TI Lookup and YARA Search, helps businesses analyze threats in under 40 seconds, building resilient cybersecurity operations.
The ANY.RUN team
ANYRUN FZCO
+1 657-366-5050
email us here
Visit us on social media:
X
YouTube
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
