nanocore | 25f7efc01373b3cf663ee9b63cfa98e0408f10a361509c174ce30199fbd3712f | Triage

Submit
Reports

Overview

overview

Static

static

1

NanoCore_1.2.2.0.exe

windows10-2004-x64

Sharing

General

Target

NanoCore_1.2.2.0.exe
Size

6.2MB
Sample

230327-1vqe4sfd97
MD5

8bbcf113166b891019bfcd493cc0e832
SHA1

899b9c49aebbcd2165b6478d2a95d01288bc9651
SHA256

25f7efc01373b3cf663ee9b63cfa98e0408f10a361509c174ce30199fbd3712f
SHA512

a710d2bba9a2e482ef7feb1539b3489cc655dc916bf416dfe63fdd4494c4b846cb9db1cee4f5e9cba5c7f4f6c5344122a150b61dd1627d9b41fd04b6afbdddda
SSDEEP

196608:JjMPjxYkSzaVHgoFMqN2x2/YRc6rNk2qwYm:JYF/SgHgDqNG4kNkZe

Score

10^/10

nanocore keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

NanoCore_1.2.2.0.exe

Resource

win10v2004-20230221-en

nanocore keylogger spyware stealer trojan

windows10-2004-x64

15 signatures

600 seconds

Malware Config

Targets

- Target
  
  NanoCore_1.2.2.0.exe
- Size
  
  6.2MB
- MD5
  
  8bbcf113166b891019bfcd493cc0e832
- SHA1
  
  899b9c49aebbcd2165b6478d2a95d01288bc9651
- SHA256
  
  25f7efc01373b3cf663ee9b63cfa98e0408f10a361509c174ce30199fbd3712f
- SHA512
  
  a710d2bba9a2e482ef7feb1539b3489cc655dc916bf416dfe63fdd4494c4b846cb9db1cee4f5e9cba5c7f4f6c5344122a150b61dd1627d9b41fd04b6afbdddda
- SSDEEP
  
  196608:JjMPjxYkSzaVHgoFMqN2x2/YRc6rNk2qwYm:JYF/SgHgDqNG4kNkZe
Score

10^/10

nanocore keylogger spyware stealer trojan
- NanoCore
  NanoCore is a remote access tool (RAT) with a variety of capabilities.
  keylogger trojan stealer spyware nanocore
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

nanocorekeyloggerspywarestealertrojan

© 2018-2024

Terms | Privacy