General
-
Target
ab927ada3a48e70c6cc78d32a4522bf8d58ec71ebb6288e5aab354b3af30d485
-
Size
1.3MB
-
Sample
220701-hswv1aghfk
-
MD5
5f01eb2edbb358c5abb6f9fb9565e119
-
SHA1
0bdd7580967cc69a045f47348205d95464781971
-
SHA256
ab927ada3a48e70c6cc78d32a4522bf8d58ec71ebb6288e5aab354b3af30d485
-
SHA512
6e459892011c5a052aa4407cba41282f0570b468b810d13d8cf50c927e106a7284698d74c84562cf6cc5f759b8116864284801ebe38581eb985967270d6f7819
Malware Config
Targets
-
-
Target
ab927ada3a48e70c6cc78d32a4522bf8d58ec71ebb6288e5aab354b3af30d485
-
Size
1.3MB
-
MD5
5f01eb2edbb358c5abb6f9fb9565e119
-
SHA1
0bdd7580967cc69a045f47348205d95464781971
-
SHA256
ab927ada3a48e70c6cc78d32a4522bf8d58ec71ebb6288e5aab354b3af30d485
-
SHA512
6e459892011c5a052aa4407cba41282f0570b468b810d13d8cf50c927e106a7284698d74c84562cf6cc5f759b8116864284801ebe38581eb985967270d6f7819
Score10/10-
NanoCore
NanoCore is a remote access tool (RAT) with a variety of capabilities.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-