nanocore | 0e17b2b81b13338e415d95d444bc02767e82880de035443efb9383655e0a8b6e | Triage

Sharing

General

Target

0e17b2b81b13338e415d95d444bc02767e82880de035443efb9383655e0a8b6e
Size

118KB
Sample

240711-hxatbsvdlm
MD5

2e4fd03595da994e811952b5ec6c628a
SHA1

751d406b212b67da94650aabd11a91bd6e25da74
SHA256

0e17b2b81b13338e415d95d444bc02767e82880de035443efb9383655e0a8b6e
SHA512

1f5a6ca4fddb7bd5ae13acf8c528369eeacade9f59ad008ab47121a063b57a35ec16350ff286eae7bb182c8ebcfc202d92fc1978107345e3ac15c90ea668f247
SSDEEP

3072:aujN8fYzbqLOxR9tAPcOu47tSPqhK5yeI2CERO9VocDHMliDo6A:HB8m4OLsP1pSxNsuyA

Score

10^/10

nanocore evasion keylogger persistence spyware stealer trojan

Malware Config

Targets

- Target
  
  Hacked.exe
- Size
  
  158KB
- MD5
  
  6a2bc643b402f2e4a2dabe7f0cf035c2
- SHA1
  
  01dba3b4359648405fc0e4e0194f7ca324fbb9c5
- SHA256
  
  0c05271eb12acf9261961a88e5967efb9be04a76b3f6ba9d23bc911b519675c4
- SHA512
  
  772f64a7567de9990b5489189879635bef3df82f193f639f6b6c95bb769d2a4208a259f0e3702e69221e99f3b39618c678e7d3a6bd2b5f4573e2a88e7bfed57e
- SSDEEP
  
  3072:u5Pto80z+vFMCnOzS9FL9sGR2uRyR7QPMtdVi3x5I+0Wif2XpdcZzobRfpNJ:uM80mniiLU7QPerK0Wif2XpyoN7J
Score

10^/10

nanocore evasion keylogger persistence spyware stealer trojan
- NanoCore
  NanoCore is a remote access tool (RAT) with a variety of capabilities.
  keylogger trojan stealer spyware nanocore
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

nanocoreevasionkeyloggerpersistencespywarestealertrojan

behavioral2

nanocoreevasionkeyloggerpersistencespywarestealertrojan