General

  • Target

    mnfclub-setup-win.msi

  • Size

    9.2MB

  • Sample

    241004-v8zyta1gka

  • MD5

    8fb4b0015988417a06216c492d051a9f

  • SHA1

    1f8528631296965b45d9e804f1d6b31440557825

  • SHA256

    0aa5b3912429387f9b5f6150f49f929b5f6e00fab539c7372108f37c7aa6c44a

  • SHA512

    31a9d67b4d3e848448ae3109e0c5f810916b591879a16f2649d5837ca7bdad8a4483f1116c9a23f6bce0c7de73f4264e35141008d6d0ee562657a25f09d45a17

  • SSDEEP

    196608:bP1FFmPoT8CQEfP6HZE8/mHN78b5UWD966GJYH15nNexCxHLrs4V:T1FYAlHPAF/G78be6Gq151xrrj

Targets

    • Target

      mnfclub-setup-win.msi

    • CryptOne packer

      Detects CryptOne packer defined in NCC blogpost.

    • Blocklisted process makes network request

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
