Overview

overview

10

Static

static

10

afe32d4d02...cs.exe

windows7-x64

10

afe32d4d02...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    afe32d4d02c9b74bf9dad8f833f16530_NeikiAnalytics.exe

  • Size

    208KB

  • Sample

    240517-fr9pcsah43

  • MD5

    afe32d4d02c9b74bf9dad8f833f16530

  • SHA1

    c0fcd71f56a776588e9dec3b2fb1bb174b50303c

  • SHA256

    812b7a2cc65b2adb42b870da3aedf4de4d730fa63c19578b4a556e1c58c6c9a8

  • SHA512

    d225a5af3208e867ef28c46e0888b630755d35a7504998e8fc3541c871b384c25af5bac14eeb1ee6b46fe9e193356d1224f0201c0b783e9afac90db84c38cdcd

  • SSDEEP

    1536:WtWNZ0pnFBamoCr3fAyBGhOyiM3wVf29+kVclR:WdFBamP3fAyZVf29+WYR

Score
10/10
mafiaware666evasionransomwaretrojan

Malware Config

Targets

    • Target

      afe32d4d02c9b74bf9dad8f833f16530_NeikiAnalytics.exe

    • Size

      208KB

    • MD5

      afe32d4d02c9b74bf9dad8f833f16530

    • SHA1

      c0fcd71f56a776588e9dec3b2fb1bb174b50303c

    • SHA256

      812b7a2cc65b2adb42b870da3aedf4de4d730fa63c19578b4a556e1c58c6c9a8

    • SHA512

      d225a5af3208e867ef28c46e0888b630755d35a7504998e8fc3541c871b384c25af5bac14eeb1ee6b46fe9e193356d1224f0201c0b783e9afac90db84c38cdcd

    • SSDEEP

      1536:WtWNZ0pnFBamoCr3fAyBGhOyiM3wVf29+kVclR:WdFBamP3fAyZVf29+WYR

    Score
    10/10
    mafiaware666evasionransomwaretrojan

    • Detect MafiaWare666 ransomware

    • MafiaWare666 Ransomware

      MafiaWare666 is ransomware written in C# with multiple variants.

      ransomwaremafiaware666

    • UAC bypass

      evasiontrojan

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops desktop.ini file(s)

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks