Details
Malware Family NanoCore
Date Added Aug. 4, 2015, 9:59 p.m.
MD5 8c26400e4da0904a913d2607f593ac07
Sha256 ef8b5ca9868b512f23d166de6d44da70011b65c5c24f4ad632065a552fbdfdd3
Robot Robots lovingly delivered by robohash.org
Config Sections
RequestElevation 00
BypassUAC 00
RestartDelay 5000
Group Default
RunOnStartup 01
PreventSystemSleep 01
UseCustomDNS 01
PrimaryDNSServer 8.8.8.8
ConnectDelay 4000
EnableDebugMode 00
Version 1.2.2.0
Mutex 09e74ec7f9000b43b022284de13ea3cc
SetCriticalProcess 00
Domain2 totalinsanity.no-ip.biz
Domain1 totalinsanitync.no-ip.biz
Port 9003
ClearAccessControl 01
ClearZoneIdentifier 01
Advertising
VirusTotal

38 out of 56 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
totalinsanitync.no-ip.biz 0.0.0.0 0
Geo Location
Yara Rules
Comments
comments powered by Disqus