Details
Malware Family NanoCore
Date Added Feb. 1, 2016, 9:47 p.m.
MD5 17da317a04906caba714ed2c42280c07
Sha256 c5f7f11d15f41c5b7fae3990475c6dcc122fe6af0babf74a469e1446f48d809f
Robot Robots lovingly delivered by robohash.org
Config Sections
RequestElevation 00
BypassUAC 01
RestartDelay 5000
Group Default
BackupDNSServer
RunOnStartup 01
PreventSystemSleep 01
UseCustomDNS 01
PrimaryDNSServer
ConnectDelay 4000
EnableDebugMode 01
Version 1.2.2.0
Mutex b9a9e915a2f38b439109a3cbea8c10a9
SetCriticalProcess 01
Domain2 127.0.0.1
Domain1 94.242.57.172
Port 9231
ClearAccessControl 01
ClearZoneIdentifier 01
Advertising
VirusTotal

41 out of 54 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
94.242.57.172 RU
127.0.0.1 0
Geo Location
Yara Rules
Comments
comments powered by Disqus