General

  • Target

    WindowsFormsApp1.exe

  • Size

    1.3MB

  • Sample

    240918-d56hra1fll

  • MD5

    865a5dfc61b496c6e86abc200bb4916d

  • SHA1

    60b678a4a0032e59a07349e202c4ec42e5a387f8

  • SHA256

    4930e4ddd35a5ef7ad3be161ef88a2fd5f7cf314883af7498573d1ad57824d3c

  • SHA512

    c57b5b06adc462615f26661320f9d2f825e4e4a3d2ea518846b175e1cb89f205b592ccdecec0f9e822cc5521cde25388b271c29164640ff02699a0fc1a30551b

  • SSDEEP

    24576:cTSTiRsBE12BIVpT2QhYpAILUo/g9QZqpMC3QVbIoTdWR8SfEuGujqZF13z8H81:cT7RseZDT2tSbvQsIbe8YVjPH81

Targets

    • Target

      WindowsFormsApp1.exe

    • Detect MafiaWare666 ransomware

    • MafiaWare666 Ransomware

      MafiaWare666 is ransomware written in C# with multiple variants.

    • Renames multiple (85) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Drops desktop.ini file(s)
