Snzh.7z -

: Scans the local network for SMB shares to encrypt mapped and unmapped network drives [5]. Technical Indicators

The file is an archive associated with the Snzh (Snooze) ransomware, a variant of the MedusaLocker ransomware family [1, 3]. It typically contains the ransomware payload or tools used by attackers to facilitate the encryption of local and network drives [2, 5]. Malware Analysis: Snzh Ransomware Malware Family : MedusaLocker (Variant: Snzh/Snooze) [1]. snzh.7z

: snzh.7z (Often used as a staging archive for the executable) [1]. : Scans the local network for SMB shares