Details
Malware Family NanoCore
Date Added Aug. 16, 2015, 3:22 p.m.
MD5 3012fd83ceaa566345be5f4bed4fd97b
Sha256 336a1cbae054acb08c452eecf0e87363d68420b34927d0b9303a77d35558cfa0
Config Sections
RequestElevation 00
BypassUAC 00
RestartDelay 5000
Group Default
BackupDNSServer 8.8.4.4
RunOnStartup 01
PreventSystemSleep 01
UseCustomDNS 01
PrimaryDNSServer 8.8.8.8
ConnectDelay 4000
EnableDebugMode 00
Version 1.2.2.0
Mutex d440624d7b60114c97f2aa9b9a56553e
SetCriticalProcess 00
Domain2 trevnet2.duckdns.org
Domain1 trevnet.duckdns.org
Port 8503
ClearAccessControl 00
ClearZoneIdentifier 01
VirusTotal

33 out of 56 AVs identified the sample as malicious

Domain Data
Domain IP Country Code
trevnet.duckdns.org 173.44.55.155 US