nanocore | 942f062fb0ccf11244b51aede1e73e44481130dbd2a5ae6405f91199b3a8e376 | Triage

Sharing

General

Target

942f062fb0ccf11244b51aede1e73e44481130dbd2a5ae6405f91199b3a8e376
Size

167KB
Sample

240417-rmkefsda4s
MD5

1451da556ef897648a5fbbfb946f5f63
SHA1

3cf53f943720d787f21ce95450d7cbb809261ccd
SHA256

942f062fb0ccf11244b51aede1e73e44481130dbd2a5ae6405f91199b3a8e376
SHA512

6bf84aeb0efeb42d6bf28654a4807ef21d28c407e7f8d0fbd196f7142709a37330ebc31840bd408d1959c04dce5bbe4369de13dcd11a792420e66103bb065ae0
SSDEEP

3072:7Cg04EZbApr1KkTww1K8qOG5xO8DT97xg7g6xpqAF83T4ge95MY:7CT4UbsRKkTwTgCFxgckqAZgeLMY

Score

10^/10

nanocore evasion keylogger persistence spyware stealer trojan

Malware Config

Targets

- Target
  
  9f124cc051efd9492f53488f2a60642d552900fb0f70f465e520fee11d60b481.exe
- Size
  
  174KB
- MD5
  
  9c79536d5a84425021040067fa902ce5
- SHA1
  
  0a688c1c65538cd0cc7daf094445ecc51466abaf
- SHA256
  
  9f124cc051efd9492f53488f2a60642d552900fb0f70f465e520fee11d60b481
- SHA512
  
  0eba7268b6c10f64cc05215e4e8ccbc6cbb9823360385c36b865f884d7e6e6ee667fb811e66d4e7530c0275fdf6fe8176b21fdff4b337f5197a63e84814df0c4
- SSDEEP
  
  3072:d3bgjpPioCYOLiahbZXnxtA+VKwotpRprf4arUUp/Xctj7q/PZ65Kl:dgpTCYOZZXxtAcGrf4arl/6qR
Score

10^/10

nanocore evasion keylogger persistence spyware stealer trojan
- NanoCore
  NanoCore is a remote access tool (RAT) with a variety of capabilities.
  keylogger trojan stealer spyware nanocore
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

nanocoreevasionkeyloggerpersistencespywarestealertrojan

behavioral2

nanocoreevasionkeyloggerpersistencespywarestealertrojan