General
-
Target
https://download1510.mediafire.com/7xh1iwhnefsgFMOAMlRJHc7UxyZLh5B9iQTsUls5Hih7-h5ffMxA5z7k0V5y5iRtV0qhy9qFNVIqahJart6-j07_zTwQJI0pssc5PEr_9J2O3vI3kcP4urmi9vd1wZ_efW2EW17eXZzeh3YfQe-hGJh675hrzMM4mFLQE7pbGbhmXZI/jxfvbr368ajrrw8/AHAH.exe
-
Sample
240520-qh282acf8y
Score
10/10
Malware Config
Targets
-
-
Target
https://download1510.mediafire.com/7xh1iwhnefsgFMOAMlRJHc7UxyZLh5B9iQTsUls5Hih7-h5ffMxA5z7k0V5y5iRtV0qhy9qFNVIqahJart6-j07_zTwQJI0pssc5PEr_9J2O3vI3kcP4urmi9vd1wZ_efW2EW17eXZzeh3YfQe-hGJh675hrzMM4mFLQE7pbGbhmXZI/jxfvbr368ajrrw8/AHAH.exe
Score10/10-
NanoCore
NanoCore is a remote access tool (RAT) with a variety of capabilities.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks whether UAC is enabled
-