nanocore | ceb348dfa61b34bebce021fa783b0afdb874ea7205f75e7fb42b01898439be75

Sharing

Copy URL

Twitter E-mail

General

Target

NanoCore 1.2.2.0_Cracked By Alcatraz3222.rar
Size

5.8MB
Sample

240907-qxyt6awhnn
MD5

c75744769bae7a3e7a4a1aec27673851
SHA1

56b0aa88b44c532be4975bc096cb8e4b9e7ecb49
SHA256

ceb348dfa61b34bebce021fa783b0afdb874ea7205f75e7fb42b01898439be75
SHA512

fa0c8d0b3adbb0bf11185b6c85f38c99421ef24ce55d94674e8d999c907f323a3eb0bcf711b60298e31db2958ebfa2dafad9d01cdf1e61251018ebd717934679
SSDEEP

98304:5S+zg4KC/4ObL3j/ZV2tKRcHhMBJcPpylijvjTZi1UBCFCX/IxCF+/h0k98nRDdj:51kC/40z3tKMrcByIT1B2zkA/Ck92thv

Score

10^/10

nanocore discovery

Malware Config

Targets

- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222.rar
- Size
  
  5.8MB
- MD5
  
  c75744769bae7a3e7a4a1aec27673851
- SHA1
  
  56b0aa88b44c532be4975bc096cb8e4b9e7ecb49
- SHA256
  
  ceb348dfa61b34bebce021fa783b0afdb874ea7205f75e7fb42b01898439be75
- SHA512
  
  fa0c8d0b3adbb0bf11185b6c85f38c99421ef24ce55d94674e8d999c907f323a3eb0bcf711b60298e31db2958ebfa2dafad9d01cdf1e61251018ebd717934679
- SSDEEP
  
  98304:5S+zg4KC/4ObL3j/ZV2tKRcHhMBJcPpylijvjTZi1UBCFCX/IxCF+/h0k98nRDdj:51kC/40z3tKMrcByIT1B2zkA/Ck92thv
Score

3^/10
behavioral1 behavioral2
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/ClientPlugin.xml
- Size
  
  9KB
- MD5
  
  5d0381a56563b1ca8928e3cf087f1625
- SHA1
  
  9c9f15ec3bf3f91fae6f327df558d335f790ce3b
- SHA256
  
  0497b92461c2a9ce3101d9397fb3079f60979164336a16653d282273d3085bcc
- SHA512
  
  594de3e1313255902524d11b3d7a89d35b2db2713d01f7e725cecc5959227f18ca856059932b809be420bebd478199d48303a71b66fc3e48d835dcac133d3d04
- SSDEEP
  
  192:E5cL6liTydwvbFO+y2dbEBhVR6SHaP0sJjpCZUV1:ocLBeKw+y/BfASHo0uF7j
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Databases/core.sqlite
- Size
  
  3KB
- MD5
  
  3732df3263fbaa868bb866bcca1f402c
- SHA1
  
  f247dc7dfea7bcbb69116920d48af2dabf85b444
- SHA256
  
  716d9992711b5b17eca841836ba5a63db0a62251bd056a92db96deccfa887b41
- SHA512
  
  bb99cfe2be9488c6d7e57991b2bbc4e593ade8c8d2c79e4b7056ec5be60fd5e0b88467f65dca71c269540b800f0c3319e4e849e7e77069a6e9b1b89a2d4807fd
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Databases/geolocation.sqlite
- Size
  
  1.9MB
- MD5
  
  0e8d861cddede3a0b2b02cfc0b060b99
- SHA1
  
  728c1f00d7394c18b09536ca1c10124113ca3b87
- SHA256
  
  11bd851d8994d3ca9d078144679aa2dc06841addd0947b8fa8ad36758bdecf7a
- SHA512
  
  b1a5df8dcbb15826bb10265543f383348160a9f2fe3cd08ad2ea9bc277a8fafe5d7fc8bf99a11b543ebe704de9fe064b3d872526ef03b9027f0dc81a47d00660
- SSDEEP
  
  24576:b1z6MdA3TIjCeq77S4xFzYeJkPFTsWh7RTRYFQEp:b1z7A3MsuQcT5xR9Iv
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Databases/network.sqlite
- Size
  
  5KB
- MD5
  
  856342a3a887715f53cd7277a2b220af
- SHA1
  
  c8eccc68e8461b514054934a3a7895c89b84e83a
- SHA256
  
  de1cc5f927bdc0ace22cf11bebe0b83977b16338a97724e2489302a0fcda0173
- SHA512
  
  8c7261354f4901ddc7e5ee0afae77266991a2de719b7728358951591420f87372e45736112d44cd677d6e1a882bdd2348975d75d3c2b8d4d25055145a9e4e451
- SSDEEP
  
  12:HLo65FAg9Gjiagk2mK5avVxsiLC9l37mz4WA9G88PkaGWWEg8cNbYN/BgL6jRTJG:rN5F4jiTk2xmG37cWwb8YgFbKGLuXw1
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Plugins/AIO.ncp
- Size
  
  17KB
- MD5
  
  60c274ccb344da9e3d77449f6068d253
- SHA1
  
  ab25eddf3ddb61ef52104a01e5c9b8a23451c764
- SHA256
  
  0a59aaee013c57f3b6190d683160d88ca1c5868565cbf5acbb7b17d3e925c602
- SHA512
  
  9600d852b56557f31a5a18a6aa2cb76cf4fabf36ae32bbeccf82677f64737542234e2fb06ac8d917f9839120320b7db212d76e8dea24445f13096d86a474b9c9
- SSDEEP
  
  384:tBB6il6AmsofAub5qtzvqdY2Tdpf5Tbb9:t5ARsYb5q1qaKb9
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Plugins/CorePlugin.ncp
- Size
  
  119KB
- MD5
  
  7914e7302f72d330aa5f6c5c8c26df43
- SHA1
  
  8c411f3fe5297a78cb018539b44df87c0a51606a
- SHA256
  
  f66985518b1e56a04f512d110f5b79f21ed91cbcbf6bd3e17eba3dcdfb85f9b5
- SHA512
  
  8959843f282162ff0c59d890d04012c4f62dc36058aa7095d708a97a34313082cd4ca5ea5df5623cd2d6b8b91c527297168cab08ec59c1ec48fafac5983ad012
- SSDEEP
  
  3072:cPC567+geUAJTR3a9JjCK335q5qnfs3Pia:Rdt3abF5q5cE3Pia
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Plugins/DucPlugin.ncp
- Size
  
  73KB
- MD5
  
  5eca68a8368e0e144b7016e30b85515c
- SHA1
  
  0ba48b49974156e5746958aeeb1c2a26c916b3be
- SHA256
  
  e2ce89b3e68b003cb27e2c5652ccba073c8938bef194e51830539b2464a3f676
- SHA512
  
  ea1d1363fb072a5c646ce070184855588124be42392dc492ce86c88fe93eae78e23f5de4f2df75fb5b0e8d67bf08ff192dd163ed3c62a1ccfb0b8436ae1df644
- SSDEEP
  
  1536:u2iS9wNtywVjssrt1dY4vFP0A2vKZKxA6zghoS0Lunqq:uBS2NtywVrTd1J0FvKZKlCye/
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Plugins/MiscTools.ncp
- Size
  
  66KB
- MD5
  
  78e3006fc6468eb7dfc7761072b84ac6
- SHA1
  
  e46cae768d2754f48a29b7e424a9bddf0d67bcd8
- SHA256
  
  3a3a3b105eefb45e3b70cc1592e484df02df7020d5154e8c2e5d7d439e295e46
- SHA512
  
  0daa1cc9ddae70f442ee5eed784523dc1378b9d095edfaec1df95e02f00d09b461d60ee180f716f7ba755543ef7b0c87d791a454cf254dde0033b8615b2841e8
- SSDEEP
  
  1536:XQqCFuF5vS0ZDQkDxpFVQs7fablxN1MY+I4U1UdpYao6wCh6K5:X3C3yXLOs7abl5rKC6EY
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Plugins/NanoBlack.ncp
- Size
  
  107KB
- MD5
  
  794ab16c092ebf2b1d812d6cce158537
- SHA1
  
  6dd9edd26b50265d5af4642f9d1f1f8703a44805
- SHA256
  
  7919b7998d6b359d7cb700018dc2d69ff6ffb45bd01c9c190b98fb4c9ff4beab
- SHA512
  
  e639bb0f7d309344c45ddff3d7f91212b3c6a9db6970d06db35f6bac228b389ed8c32dbda75ae23ad1359bb60f678b0b891caa3ed07245aaad21dcb3ea4a5347
- SSDEEP
  
  3072:POgbajVKGBJelsf2pqwyvqxHTFya0hUXIuJcbcRmQq:POgmznusBRi1xRYKLRm5
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Plugins/NanoCoreSwiss.ncp
- Size
  
  49KB
- MD5
  
  fcb5afd01e75aca8ed9fbd35a46e54f3
- SHA1
  
  94b69f8612d31fc0698089d5e08aea1cafea52e7
- SHA256
  
  bf0386f6e9b4a35fefe5fe917e2be7c64867efe24521f18e4567f8af5f6dd5e5
- SHA512
  
  b587dd23eaea6de486c30864908f8603451c459153cd21b86a5e43bb9c2cca7cbc015daf620808fad76a4d56bbc4e57e127059c8e73be6c85bf958781c1343fe
- SSDEEP
  
  1536:bhzczxBEu1ptdDviH30I4pQkZRLOLmbK/:bixFT5viXIpPfOy2/
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Plugins/NanoProtectPlugin.ncp
- Size
  
  179KB
- MD5
  
  e51af633e5f5f4a817a54773fb90d337
- SHA1
  
  0cb8a7965f9f042954b1f318ea1026b76e12f8e0
- SHA256
  
  b37602dbb924bb94df0d9745d13fcace8a6642397fb738fbe02a88f667f3ab66
- SHA512
  
  6454305121597073d4ea2b8f57a4bb4a4fe7fafbd05336c91265534faea5a5cdec7504c1329ea0c8cb344a4f32d59c60af5348dfd89375876ae95ee2c15f0c14
- SSDEEP
  
  3072:QiPYOt87oPFUTtoqQiobIzRFGGxFgRCd1cTiLVuh8Lt8pH3EZmOappBpFreF07xW:imJOC/sBns+w+ukt8pH3EZmOapXpFrvo
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Plugins/NetworkPlugin.ncp
- Size
  
  319KB
- MD5
  
  70e5b02349742a550fbfcfb5bb78c906
- SHA1
  
  2319b68398af74fe08b6a3a7d6943cf700240a4e
- SHA256
  
  160030b8444b6fa86775a11d1be35df6a75252070fc5661055884d3f8b07296d
- SHA512
  
  bbb5d2fd6eff637da303a4ab2fdb02f781619ffe25c5795c5b9e514214227717771a98ce6c3becc87b29c15303ac4373ee3847060ad5755a2455362e6e26932b
- SSDEEP
  
  6144:Pry2uGVTxPSneavYUYSANk3HZGGq2ckHMmpOtU9DNAyT8QmKAxSljWznkujPe:Dluygn/Y1e5GOZ9DNAyTjKxSAznxjPe
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Plugins/SurveillanceExPlugin.ncp
- Size
  
  423KB
- MD5
  
  195fbe66986564288c3285935fe87b27
- SHA1
  
  2fe84fbbf109b3e4c7c63b414689021ba847b568
- SHA256
  
  a2ce9ed783b26d01d58e07b9c97bcfecace9ced72960cf3ecf471fbd008afbae
- SHA512
  
  552161e555d07fdf7062a4c0d3738819b13ad4c9a5c54f09db48dccf6faf49b014eb043037500abdac7af0210ed118c5232d8d54be367d8a4caccfae7904332e
- SSDEEP
  
  12288:PcdhZPX0bo0SWU1slTG6c8WIIiYboD64r2EXQ:EdhZPCQWBC3HIWiNXQ
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Plugins/ToolsPlugin.ncp
- Size
  
  130KB
- MD5
  
  699eb468e7d6bee9c429923b5b477545
- SHA1
  
  80bc420c3e441c9b9c3813ac05ea9e168cca1e3a
- SHA256
  
  d753bc28d842e44ffbf6cf99314febe5ed7759b25a74ca34a47fdd153bf2a6ab
- SHA512
  
  5d82a98e918ea3eb024dbb7552e5cdecc317b49635a5789029e7a0035d2f0cb2a3c47ef53e603217afd17d6f59fc78a918e2e5f70266119c619e41b3b647aac9
- SSDEEP
  
  3072:5Z2SwUK1FvYf3KtF50qgWBzu0SqtqjBFD2k2klZ9bqsddj:5oJDwfaf5YWBV5U/D2LkRbqqZ
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  NanoCore 1.2.2.0_Cracked By Alcatraz3222/Resources/Audio/camera.wav
- Size
  
  45KB
- MD5
  
  4567dbe9cc7cfdfe3a13a609e20a205e
- SHA1
  
  2242b43e9e6f45545b479883d72070fbff998340
- SHA256
  
  f49ec225a0df03534f4b9b265aeda561fd0a6b11d53038abaa27b3858db41aa1
- SHA512
  
  99828e282d4fac836d9bf597ee67305f24e1bbcd273e8e4fb56a08e6a98b34b16e53d8bb0b01e3e496099ad656ac54c1bde5d4145670c2354a4bc313ae67a118
- SSDEEP
  
  768:Ff+LOBHmFWHpphqrDAf/ozD6oNCvpsavQRU+pFATYZeuFk/jO/bH:sLOMQHp3iE3yD06aoUEk+Fkbw
Score

6^/10

discovery
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops desktop.ini file(s)

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32