mafiaware666 | 52c527df9e7554e940c3c45b4e9b3e30 | Triage

Sharing

General

Target

52c527df9e7554e940c3c45b4e9b3e30
Size

557KB
MD5

52c527df9e7554e940c3c45b4e9b3e30
SHA1

ae182f41baae6a5f3c05803933ba77578772233c
SHA256

a6339f9ef7c91bc792626ff3765a46809dcada083c93a7e63fd01b0e91c1bb90
SHA512

eabb6293309e5ac13a9530efe8f3f75d6fa1102a6fed2a1825022fff584836796fc6eab97b42fe88cb618c987907b2c3224cfa79bec8b8f332f72a0f9412752c
SSDEEP

12288:XVP8e1HSvWxO5RyIRenncbTNq/TImAG4QYdOSfa/y7+uv3:R87vyGvRec/NqrImr5nSfa/y7++3

Score

10^/10

mafiaware666

Malware Config

Signatures

Detect MafiaWare666 ransomware 1 IoCs

resource	yara_rule
sample	family_mafiaware666

Mafiaware666 family
mafiaware666

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52c527df9e7554e940c3c45b4e9b3e30

Files

52c527df9e7554e940c3c45b4e9b3e30
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 398KB - Virtual size: 398KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ