Details
Malware Family NanoCore
Date Added Oct. 3, 2015, midnight
MD5 1bad4bf3f4c2d0c82da4493245d0db22
Sha256 6871930bdd36df018b8ce6c63e1f78c469133ad2e3ab7b743b4792085a3e7276
Config Sections
RequestElevation 00
BypassUAC 01
RestartDelay 5000
Group Default
BackupDNSServer aeht.no-ip.biz
RunOnStartup 01
PreventSystemSleep 01
UseCustomDNS 01
PrimaryDNSServer aeht.no-ip.biz
ConnectDelay 4000
EnableDebugMode 00
Version 1.2.2.0
Mutex 696d656f75740788130000
SetCriticalProcess 01
Domain2 127.0.0.1
Domain1 aeht.no-ip.biz
Port 53896
ClearAccessControl 01
ClearZoneIdentifier 01
VirusTotal

33 out of 57 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
aeht.no-ip.biz 104.57.185.78 US
127.0.0.1 0