Details
Malware Family NanoCore
Date Added Jan. 30, 2016, 3 a.m.
MD5 ce92cb26fc2807ef09ac07610f00972b
Sha256 5641b094c1dbea5e6d80b112aac74676f6bc0edb1ea5d2209b204363e5b1ece9
Config Sections
RequestElevation 00
BypassUAC 00
RestartDelay 5000
Group Dan4o
RunOnStartup 00
PreventSystemSleep 01
UseCustomDNS 01
PrimaryDNSServer 8.8.8.8
ConnectDelay 4000
EnableDebugMode 00
Version 1.2.2.0
Mutex 37d34769fbe4aa458377fb9f35f67a8f
SetCriticalProcess 00
Domain2 127.0.0.1
Domain1 souljaboi.duckdns.org
Port 5665
ClearAccessControl 00
ClearZoneIdentifier 01
VirusTotal

42 out of 55 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
souljaboi.duckdns.org 188.254.249.248 BG
127.0.0.1 0