PDF Phishing Leads to Nanocore RAT, Targets French Nationals
Tags
country: | France |
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Credentials - T1589.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Tool - T1588.002 |
Common Information
Type | Value |
---|---|
UUID | c7e528fb-9234-4677-96f3-c53052ccc27e |
Fingerprint | a0e1adf5adf73c2d |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Oct. 12, 2017, midnight |
Added to db | Jan. 18, 2023, 8:28 p.m. |
Last updated | Dec. 19, 2024, 8:04 p.m. |
Headline | PDF Phishing Leads to Nanocore RAT, Targets French Nationals |
Title | PDF Phishing Leads to Nanocore RAT, Targets French Nationals |
Detected Hints/Tags/Attributes | 46/3/9 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 1 | dloader.gd |
|
Details | Domain | 1 | nanocore.bt |
|
Details | Domain | 1 | dropper.gd |
|
Details | sha256 | 1 | 3f4541fd800b71b1cfc25b665174e8ba7f1ef2c467e124252fea408598d89a65 |
|
Details | sha256 | 1 | cce86a03876eac85f779fa248d86ecaea6aecef9a783a58899f5ea3ed3b8c857 |
|
Details | sha256 | 1 | d547a836f83e166be6c1e639c61889bdbcf429a9b1ea50a45e2f51e80a2eff31 |
|
Details | IPv4 | 15 | 1.2.2.0 |
|
Details | IPv4 | 1 | 42.202.71.145 |
|
Details | IPv4 | 1 | 41.207.196.84 |