General

  • Target

    010520240909Chromee.iso

  • Size

    1.2MB

  • Sample

    240501-ma925aeg23

  • MD5

    ee208bf120c33ec1ae8d946bef43d2c5

  • SHA1

    8212a4188dd27c7ade0f2ca36c1721a80191b1f0

  • SHA256

    ec53369ff55e735e14b5b87eb793dabf043ce0fd7f93bc47fd0e5fd4fd7e6a77

  • SHA512

    a38e50fd834a8d3d52c6b14f08245a14bf1aabd5c1bb5647f8f6faffbf67ca13d7f7eaa910c47cbe1b4cdb77d34fadb53e9661c086756baaf9a430cb2524411c

  • SSDEEP

    3072:D1L7cspAtO9mXwCGjtYNKbYO2gjpcm8rRuqpjCL42loHUvU0yGxr5GqM2a8VlhD5:EtO9iRQYpgjpjew5DHyGxcqo8f7

Targets

    • Target

      Chrome.msi

    • Size

      288KB

    • MD5

      10cca9ff7368ddfb2301d36fa386669a

    • SHA1

      9ec12af4a97eda16513aa51ec685601c64eec626

    • SHA256

      ba9933fa2ea29f27d73736ecd78d3f598e4786f2207e29fa6c7f42f008d529a9

    • SHA512

      c72938d43e08de87c0328a500810e0c33448110eefb3eaf9569dbb9b91e61e9db4022ca6359e84e2a9b376077d5242948ecdbd2fb433b508a4006463d56d1c85

    • SSDEEP

      3072:81L7cspAtO9mXwCGjtYNKbYO2gjpcm8rRuqpjCL42loHUvU0yGxr5GqM2a8VlhD5:btO9iRQYpgjpjew5DHyGxcqo8f7

    • Detects MafiaWare666 ransomware

    • MafiaWare666 Ransomware

      MafiaWare666 is ransomware written in C# with multiple variants.

    • Renames multiple (90) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Modifies file permissions

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
