mafiaware666 | 613bfc0cb68ebda81470975ec0c9ee04f93e86f7981ef52cf7adaa9c07bfc1ba | Triage

Submit
Reports

Overview

overview

Static

static

1

ransomware.rar

windows10-2004-x64

Sharing

General

Target

ransomware.rar
Size

1.3MB
Sample

240918-eb5vss1dpd
MD5

772a5166cba8d08dd969ba5594038522
SHA1

0e6cfffeacfe6d684e5263bd0c2e91e7d83bb116
SHA256

613bfc0cb68ebda81470975ec0c9ee04f93e86f7981ef52cf7adaa9c07bfc1ba
SHA512

3675f882425934e69cc7a22c9d29465ded5006f73a38675b86c569bcf09e4e4f2d48e9b856bf675c7d7eedd8a9d7191fd8f29a7606448880810b8aa2904f8123
SSDEEP

24576:3vuG8CYh3RHD58zSmHeGG7EjzbrAXkf3/KJeqvkgVCSuTp2VsdzspJFe:/eCaj5iHeG0Ynf3EsWCzTs2zspre

Score

10^/10

mafiaware666 defense_evasion discovery ransomware

Static task

static1

Behavioral task

behavioral1

Sample

ransomware.rar

Resource

win10v2004-20240802-en

mafiaware666 defense_evasion discovery ransomware

windows10-2004-x64

22 signatures

150 seconds

Malware Config

Targets

- Target
  
  ransomware.rar
- Size
  
  1.3MB
- MD5
  
  772a5166cba8d08dd969ba5594038522
- SHA1
  
  0e6cfffeacfe6d684e5263bd0c2e91e7d83bb116
- SHA256
  
  613bfc0cb68ebda81470975ec0c9ee04f93e86f7981ef52cf7adaa9c07bfc1ba
- SHA512
  
  3675f882425934e69cc7a22c9d29465ded5006f73a38675b86c569bcf09e4e4f2d48e9b856bf675c7d7eedd8a9d7191fd8f29a7606448880810b8aa2904f8123
- SSDEEP
  
  24576:3vuG8CYh3RHD58zSmHeGG7EjzbrAXkf3/KJeqvkgVCSuTp2VsdzspJFe:/eCaj5iHeG0Ynf3EsWCzTs2zspre
Score

10^/10

mafiaware666 defense_evasion discovery ransomware
- Detect MafiaWare666 ransomware
- MafiaWare666 Ransomware
  MafiaWare666 is ransomware written in C# with multiple variants.
  ransomware mafiaware666
- Renames multiple (124) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Downloads MZ/PE file
- Executes dropped EXE
- Drops desktop.ini file(s)
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mafiaware666defense_evasiondiscoveryransomware

© 2018-2024

Terms | Privacy