General

  • Target

    https://github.com/LJ9859/Malware-Database/raw/refs/heads/main/Ransomware/RIP%20LMAO.zip

  • Sample

    240921-wja4tswbkr

Targets

    • Target

      https://github.com/LJ9859/Malware-Database/raw/refs/heads/main/Ransomware/RIP%20LMAO.zip

    • Detect MafiaWare666 ransomware

    • MafiaWare666 Ransomware

      MafiaWare666 is ransomware written in C# with multiple variants.

    • Renames multiple (89) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Executes dropped EXE

    • Drops desktop.ini file(s)

    • Legitimate hosting services abused for malware hosting/C2
