Malware Analysis — NanoCore Rat
Tags
attack-pattern: | Data Dns - T1071.004 Dns - T1590.002 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 |
Common Information
Type | Value |
---|---|
UUID | 55a601d1-df2e-4662-81ea-3a85032b6805 |
Fingerprint | 36fc59398f9b0681 |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | Sept. 9, 2022, 7:35 a.m. |
Added to db | Sept. 26, 2022, 9:34 a.m. |
Last updated | Dec. 21, 2024, 3:17 a.m. |
Headline | Malware Analysis [#1]- NanoCore Rat |
Title | Malware Analysis — NanoCore Rat |
Detected Hints/Tags/Attributes | 27/1/13 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 136 | ✔ | InfoSec Write-ups - Medium | https://infosecwriteups.com/feed | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 98 | bazaar.abuse.ch |
|
Details | Domain | 9 | www.flaticon.com |
|
Details | File | 1 | 1605f0e74c7088b8a2ca7190b71c83f8dc0381e57d817df3530bda4ac5737511.exe |
|
Details | File | 1 | ccgkcf.exe |
|
Details | File | 1 | ratotpvvsmo.exe |
|
Details | File | 5 | run.dat |
|
Details | md5 | 1 | 5846c3588fbcf6a5078b7a2413da0345 |
|
Details | sha256 | 1 | 1605f0e74c7088b8a2ca7190b71c83f8dc0381e57d817df3530bda4ac5737511 |
|
Details | Url | 5 | https://bazaar.abuse.ch |
|
Details | Url | 1 | https://bazaar.abuse.ch/sample/1605f0e74c7088b8a2ca7190b71c83f8dc0381e57d817df3530bda4ac5737511 |
|
Details | Url | 1 | https://www.virustotal.com/gui/file/1605f0e74c7088b8a2ca7190b71c83f8dc0381e57d817df3530bda4ac5737511/detection/f-1605f0e74c7088b8a2ca7190b71c83f8dc0381e57d817df3530bda4ac5737511-1648116728 |
|
Details | Url | 1 | https://www.flaticon.com/free-icons/trojan |
|
Details | Windows Registry Key | 1 | HKCU\SOFTWARE\Micorsoft\Windows\CurrentVersion\Run |