General
-
Target
https://file.kiwi/06292890#QO96z3GKmKbxwaI7OXvxtA
-
Sample
241227-x8s7daylgp
Score
10/10
Malware Config
Targets
-
-
Target
https://file.kiwi/06292890#QO96z3GKmKbxwaI7OXvxtA
Score10/10-
NanoCore
NanoCore is a remote access tool (RAT) with a variety of capabilities.
-
Nanocore family
-
A potential corporate email address has been identified in the URL: [email protected]
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1