General

  • Target

    98892a91cbd81bcc99710849b5dbc7d3_JaffaCakes118

  • Size

    172KB

  • Sample

    241125-cexmgsskbz

  • MD5

    98892a91cbd81bcc99710849b5dbc7d3

  • SHA1

    296d8cf6138e7e61f6d13e4d8a594f9cf4b0418c

  • SHA256

    bb13c0965441119f3d0bad9f65f26a01582042f52dc5d4f50eeea2e606698e98

  • SHA512

    761917a63c7fbabfbd77e96e3339ef930272981274a935d701b8492bcd4d2d25b2386c470f96d801c7bfbadccdef9164f7f1e033ee23d5ef4c5983ec3c6e0076

  • SSDEEP

    3072:i7jYpyprmdK5WhAHwspDc/NPi9hY8uoWvA7c3b4MAiO7p0ZbQ3IjzDToF:i/YpyprDFTJ42fvWNElik0ZkYjzDT

Targets

    • Detect MafiaWare666 ransomware

    • MafiaWare666 Ransomware

      MafiaWare666 is ransomware written in C# with multiple variants.

    • Mafiaware666 family

    • Renames multiple (149) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Drops desktop.ini file(s)
