General
-
Target
NanoCore_1.2.2.0.exe
-
Size
6.2MB
-
Sample
230327-1vqe4sfd97
-
MD5
8bbcf113166b891019bfcd493cc0e832
-
SHA1
899b9c49aebbcd2165b6478d2a95d01288bc9651
-
SHA256
25f7efc01373b3cf663ee9b63cfa98e0408f10a361509c174ce30199fbd3712f
-
SHA512
a710d2bba9a2e482ef7feb1539b3489cc655dc916bf416dfe63fdd4494c4b846cb9db1cee4f5e9cba5c7f4f6c5344122a150b61dd1627d9b41fd04b6afbdddda
-
SSDEEP
196608:JjMPjxYkSzaVHgoFMqN2x2/YRc6rNk2qwYm:JYF/SgHgDqNG4kNkZe
Static task
static1
Malware Config
Targets
-
-
Target
NanoCore_1.2.2.0.exe
-
Size
6.2MB
-
MD5
8bbcf113166b891019bfcd493cc0e832
-
SHA1
899b9c49aebbcd2165b6478d2a95d01288bc9651
-
SHA256
25f7efc01373b3cf663ee9b63cfa98e0408f10a361509c174ce30199fbd3712f
-
SHA512
a710d2bba9a2e482ef7feb1539b3489cc655dc916bf416dfe63fdd4494c4b846cb9db1cee4f5e9cba5c7f4f6c5344122a150b61dd1627d9b41fd04b6afbdddda
-
SSDEEP
196608:JjMPjxYkSzaVHgoFMqN2x2/YRc6rNk2qwYm:JYF/SgHgDqNG4kNkZe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-