Maze Ransomware encrypts files and makes them inaccessible while adding a custom extension containing part of the victim's ID. The ransom note is placed in a text file and an htm file. A few different extensions are added to the files and are randomly generated. The actors are known to exfiltrate the data from the network to continue the extortion. It is spread mainly through spam and various exploit kits (Spelevo, Fallout). Maze ransomware's code is highly complicated and obfuscated, which allows it to evade security solutions using signature-based detections.