General
-
Target
125dacc5de0f8b6ffb8659178892c6ebc01c2c11ed6e267c11289cdb41cd92a1
-
Size
117KB
-
Sample
220603-t3j5qsbhe9
-
MD5
6be7f0af328bf1934349264811565c47
-
SHA1
2e9071303cb3319dc76f8c499a63d0bdb0d96fac
-
SHA256
125dacc5de0f8b6ffb8659178892c6ebc01c2c11ed6e267c11289cdb41cd92a1
-
SHA512
1263081cb3185dbe71b801ffcb61769c238b602d308b6db76a602abd599952fdda7b0dbc33e4cb907ebc5cb26ecbb5d53fc8f8c812075413111944f9180a8f98
Malware Config
Extracted
nanocore
-
activate_away_mode
false
- backup_connection_host
- backup_dns_server
-
buffer_size
0
-
build_time
0001-01-01T00:00:00Z
-
bypass_user_account_control
false
- bypass_user_account_control_data
-
clear_access_control
false
-
clear_zone_identifier
false
-
connect_delay
0
-
connection_port
0
- default_group
-
enable_debug_mode
false
-
gc_threshold
0
-
keep_alive_timeout
0
-
keyboard_logging
false
-
lan_timeout
0
-
max_packet_size
0
- mutex
-
mutex_timeout
0
-
prevent_system_sleep
false
- primary_connection_host
- primary_dns_server
-
request_elevation
false
-
restart_delay
0
-
run_delay
0
-
run_on_startup
false
-
set_critical_process
false
-
timeout_interval
0
-
use_custom_dns_server
false
- version
-
wan_timeout
0
Targets
-
-
Target
125dacc5de0f8b6ffb8659178892c6ebc01c2c11ed6e267c11289cdb41cd92a1
-
Size
117KB
-
MD5
6be7f0af328bf1934349264811565c47
-
SHA1
2e9071303cb3319dc76f8c499a63d0bdb0d96fac
-
SHA256
125dacc5de0f8b6ffb8659178892c6ebc01c2c11ed6e267c11289cdb41cd92a1
-
SHA512
1263081cb3185dbe71b801ffcb61769c238b602d308b6db76a602abd599952fdda7b0dbc33e4cb907ebc5cb26ecbb5d53fc8f8c812075413111944f9180a8f98
Score10/10-
NanoCore
NanoCore is a remote access tool (RAT) with a variety of capabilities.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-