Details
Malware Family NanoCore
Date Added Sept. 10, 2015, 9:18 p.m.
MD5 a9db7bc56ff78a2ff7a182bd1c7cc289
Sha256 4468eb8eb3a8d0f3a903ad71c33ab073ff9599a0140b2dfc6d176a322b1bbed8
Robot Robots lovingly delivered by robohash.org
Config Sections
RequestElevation 00
BypassUAC 01
RestartDelay 5000
Group Bruno
BackupDNSServer 8.8.4.4
RunOnStartup 01
PreventSystemSleep 01
UseCustomDNS 01
PrimaryDNSServer 8.8.8.8
ConnectDelay 4000
EnableDebugMode 00
Version 1.2.2.0
Mutex cc404bd246be0e42bc789c29a78d7f84
SetCriticalProcess 00
Domain2 fakaelite1.no-ip.org
Domain1 fakaelite.no-ip.org
Port 54984
ClearAccessControl 00
ClearZoneIdentifier 01
Advertising
VirusTotal

31 out of 55 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
fakaelite.no-ip.org 89.154.136.129 PT
Geo Location
Yara Rules
Comments
comments powered by Disqus