mafiaware666 | 7bd5b607bbe263530c485cfcc1f293c59f771904b073098350af17fe0978ace0 | Triage

Sharing

General

Target

testing.zip
Size

1.4MB
Sample

250217-clvrgawpdx
MD5

ec25121d1ee19f064b2d50d2bdd9c2d4
SHA1

7c7d78d4725f6f53434a36a99dd13b1841284f8f
SHA256

7bd5b607bbe263530c485cfcc1f293c59f771904b073098350af17fe0978ace0
SHA512

f7b19c7fead7097bc562689e026ff911cd111af705231ea8f8022baa99a3a4a7fb81a9d37bb3e0e068ec455e6971d1ac6dc0ae24db3f61e7caa94276ae40e3a0
SSDEEP

24576:SoQXKyaC1OS0JdsNEA3aV+qC8LEZSXZ8cEqPodfyHrEhUKVotZ56bn0vPu/0Siou:Y6FCV0JdsNE/V+1bZuEqBLEhFVor56oj

Score

10^/10

mafiaware666 discovery ransomware

Malware Config

Targets

- Target
  
  DecrypterPOC.exe
- Size
  
  154KB
- MD5
  
  13a41a2bf6de0803eee77582e3a4f88e
- SHA1
  
  fbec44e22820e075cf5037fc7de13a281c76b4de
- SHA256
  
  80f2e92ae725058452833e09914b83db986f9d793be210143bb88d1d5352f054
- SHA512
  
  366d6ea71db4fa97d92bc70ffa8720899b47508610059a4ad56b447038b9ff4a9364977f091e2e899a0442c2296962e37be6e9e65f4341579d5fd8f477131a84
- SSDEEP
  
  3072:VtL04G/O4BDom5hWkNX2xlkHmJRqAnoqOAcRRwo4wbYrXA:QxX5URji7zYrX
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  WindowsFormsApp1.exe
- Size
  
  1.3MB
- MD5
  
  3dce90e3a6daa8810d0dec78fd960e7d
- SHA1
  
  d44f4aa742092f33ec60264e15f09fd127a7bb87
- SHA256
  
  096ef1633a1e4b28ea46406a6324998b5f4dc59f6596c3dfbe7d6ee403186733
- SHA512
  
  bd68ff08882a61bbc4d51ca4ae2e055e20db853c79f6ea0dd5867e673af38785ddc4f992c1891ecf6d658bba89556b23797d708f3d7ca1da1eb4332f9a2ea84c
- SSDEEP
  
  24576:RTSTiRsBE12BIVpT2QhYpAILUo/g9QZqpMC3QVbIoTdWR8SfEuGujqZF13z8H81:RT7RseZDT2tSbvQsIbe8YVjPH81
Score

10^/10

mafiaware666 discovery ransomware
- Detect MafiaWare666 ransomware
- MafiaWare666 Ransomware
  MafiaWare666 is ransomware written in C# with multiple variants.
  ransomware mafiaware666
- Mafiaware666 family
  mafiaware666
- Renames multiple (62) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Drops desktop.ini file(s)
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

mafiaware666discoveryransomware

behavioral4

mafiaware666discoveryransomware