Analysis Report https://onedrive.live.com/download?cid=34207675F7506D94&resid=34207675F7506D94%21140&authkey=AFKMklYJ_WYjTYg

Overview

General Information

Sample URL: https://onedrive.live.com/download?cid=34207675F7506D94&resid=34207675F7506D94%21140&authkey=AFKMklYJ_WYjTYg

Detection

Nanocore
Score: 100
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus detection for dropped file
Detected Nanocore Rat
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Sigma detected: NanoCore
Sigma detected: Scheduled temp file as task from temp location
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Yara detected Nanocore RAT
Creates autostart registry keys with suspicious values (likely registry only malware)
Drops PE files with a suspicious file extension