nanocore | 139d61690bbb746589727bd86635a497ac2ee57c879790c5bea5d1c6c4bd8a41 | Triage

Submit
Reports

Overview

overview

Static

static

5

139d61690b...cs.exe

windows7-x64

139d61690b...cs.exe

windows10-2004-x64

Sharing

General

Target

139d61690bbb746589727bd86635a497ac2ee57c879790c5bea5d1c6c4bd8a41_NeikiAnalytics.exe
Size

7.8MB
Sample

240625-1g3taavdlb
MD5

48dddfa444eff6759e83084260d273e0
SHA1

04c70394dc3d8609aaa90a384c4d9b29ceebe442
SHA256

139d61690bbb746589727bd86635a497ac2ee57c879790c5bea5d1c6c4bd8a41
SHA512

f411f81464d413fc082e7659cae8c89580d3e247d3e81c9c440fa0d2181dc0e51ffd038950582d9bfd3486af93bc3ee568d515855fea42de599ace59ec191797
SSDEEP

24576:Etb20pkfCqT5TBWgNQ7aWS6aWTtVXVChV1SzCaJWN7W6Ay:tCg5tQ7aCbTvEhVgGaJ8q5y

Score

10^/10

nanocore keylogger spyware stealer trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

139d61690bbb746589727bd86635a497ac2ee57c879790c5bea5d1c6c4bd8a41_NeikiAnalytics.exe

Resource

win7-20231129-en

nanocore keylogger spyware stealer trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

139d61690bbb746589727bd86635a497ac2ee57c879790c5bea5d1c6c4bd8a41_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

nanocore keylogger spyware stealer trojan upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  139d61690bbb746589727bd86635a497ac2ee57c879790c5bea5d1c6c4bd8a41_NeikiAnalytics.exe
- Size
  
  7.8MB
- MD5
  
  48dddfa444eff6759e83084260d273e0
- SHA1
  
  04c70394dc3d8609aaa90a384c4d9b29ceebe442
- SHA256
  
  139d61690bbb746589727bd86635a497ac2ee57c879790c5bea5d1c6c4bd8a41
- SHA512
  
  f411f81464d413fc082e7659cae8c89580d3e247d3e81c9c440fa0d2181dc0e51ffd038950582d9bfd3486af93bc3ee568d515855fea42de599ace59ec191797
- SSDEEP
  
  24576:Etb20pkfCqT5TBWgNQ7aWS6aWTtVXVChV1SzCaJWN7W6Ay:tCg5tQ7aCbTvEhVgGaJ8q5y
Score

10^/10

nanocore keylogger spyware stealer trojan upx
- NanoCore
  NanoCore is a remote access tool (RAT) with a variety of capabilities.
  keylogger trojan stealer spyware nanocore
- Drops startup file
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

nanocorekeyloggerspywarestealertrojanupx

behavioral2

nanocorekeyloggerspywarestealertrojanupx

© 2018-2024

Terms | Privacy