General
-
Target
6b2e5003c594a00762c2ab793dbfb3f7f47f7360013da89333bbd0187cfa6f64
-
Size
157KB
-
Sample
240417-rhs6ssbc55
-
MD5
62be66b1939780bde3fde6b7c02fd943
-
SHA1
329d7c88f54a526f9c0bf3abf574750d825c23e4
-
SHA256
6b2e5003c594a00762c2ab793dbfb3f7f47f7360013da89333bbd0187cfa6f64
-
SHA512
c05e44d8084f7c4b5ebf8a2c91c4d3170f770a2f255761d3a6d442fc0c78d774ce4aef36938ac786ec0f2998936e8b62f8a0d79090361d28ce476b0a1f27eca6
-
SSDEEP
3072:rDdopHpM2XI7BK3PX/E86ITyHEoccfbTMrDxGkghG/2gP2ySE0gzme:qHpVkY3pbGkUf8rDx4hO2tySE0gzme
Behavioral task
behavioral1
Sample
b2865f04239ad453c02b1baa8aca4f44e9e5d3326c6915056781cea7c0bc733a.exe
Resource
win7-20240319-en
Malware Config
Extracted
nanocore
1.2.2.0
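127.0.0.1:54984 (configured C2 endpoint, matching primary_connection_host and connection_port below; 127.0.0.1 is the loopback address, so this value is not a usable network indicator)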
4cd1b252-8891-4fef-bb08-47fa3797f12b
-
activate_away_mode
true
-
backup_connection_host
127.0.0.1
-
backup_dns_server
8.8.4.4
-
buffer_size
65535
-
build_time
2023-12-14T11:28:06.090759136Z
-
bypass_user_account_control
true
-
bypass_user_account_control_data
(no value shown)
-
clear_access_control
true
-
clear_zone_identifier
false
-
connect_delay
4000
-
connection_port
54984
-
default_group
Default
-
enable_debug_mode
true
-
gc_threshold
1.048576e+07
-
keep_alive_timeout
30000
-
keyboard_logging
false
-
lan_timeout
2500
-
max_packet_size
1.048576e+07
-
mutex
4cd1b252-8891-4fef-bb08-47fa3797f12b
-
mutex_timeout
5000
-
prevent_system_sleep
false
-
primary_connection_host
127.0.0.1
-
primary_dns_server
8.8.8.8
-
request_elevation
true
-
restart_delay
5000
-
run_delay
0
-
run_on_startup
true
-
set_critical_process
true
-
timeout_interval
5000
-
use_custom_dns_server
false
-
version
1.2.2.0
-
wan_timeout
8000
Targets
-
-
Target
b2865f04239ad453c02b1baa8aca4f44e9e5d3326c6915056781cea7c0bc733a.exe
-
Size
202KB
-
MD5
206547178c018a7f4db353375eb0f8e6
-
SHA1
c020381a40331f586369ce39a2f0086d7a4c79e9
-
SHA256
b2865f04239ad453c02b1baa8aca4f44e9e5d3326c6915056781cea7c0bc733a
-
SHA512
c9a27a3d1e3f87c639be00b4782a6ce76c538544f38da0063c724baefff62df98613e07622955f1e34233b96fd51deab9e57aab2a7e733032124f513c7912312
-
SSDEEP
6144:gLV6Bta6dtJmakIM5w/vsYvaC5tdNHydik4:gLV6BtpmkH/0YvaC5tOUn
-