Source: 1.2.rnixgfly.exe.2223658.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 1.2.rnixgfly.exe.2223658.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 1.2.rnixgfly.exe.2223658.2.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 1.2.rnixgfly.exe.2223658.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.38c48ee.14.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.38c48ee.14.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.38c48ee.14.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6810000.30.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6810000.30.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6810000.30.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6830000.32.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6830000.32.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6830000.32.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.38b64be.10.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.38b64be.10.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.38b64be.10.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.417058.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.417058.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.417058.1.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.417058.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.38ad68f.19.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.38ad68f.19.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.38ad68f.19.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6640000.26.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6640000.26.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6640000.26.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.5e41a8.2.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.5e41a8.2.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.5e41a8.2.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.5e41a8.2.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.68b0000.38.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.68b0000.38.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.68b0000.38.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.58c0000.24.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.58c0000.24.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.58c0000.24.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.4f60000.20.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.4f60000.20.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.4f60000.20.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.4f60000.20.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.35eb3f8.18.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.35eb3f8.18.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.35eb3f8.18.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6840000.33.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6840000.33.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6840000.33.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6840000.33.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6840000.33.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6840000.33.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.37000f9.16.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.37000f9.16.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.37000f9.16.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6874c9f.35.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6874c9f.35.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6874c9f.35.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6800000.29.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6800000.29.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6800000.29.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.38c48ee.14.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.38c48ee.14.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.38c48ee.14.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.2490000.3.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.2490000.3.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.2490000.3.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.2490000.3.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6820000.31.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6820000.31.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6820000.31.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.358c350.11.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.358c350.11.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.358c350.11.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6640000.26.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6640000.26.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6640000.26.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6860000.34.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6860000.34.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6860000.34.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.2490000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.2490000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.2490000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.2490000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6800000.29.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6800000.29.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6800000.29.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.58c4629.23.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.58c4629.23.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.58c4629.23.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.5e41a8.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.5e41a8.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.5e41a8.2.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.5e41a8.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.417058.1.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.417058.1.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.417058.1.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.417058.1.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.67f0000.28.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.67f0000.28.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.67f0000.28.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.58c0000.24.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.58c0000.24.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.58c0000.24.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.25935b0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.25935b0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.25935b0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.38ad68f.19.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.38ad68f.19.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.38ad68f.19.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.38ad68f.19.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6820000.31.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6820000.31.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6820000.31.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.25faee8.6.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.25faee8.6.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.25faee8.6.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.25faee8.6.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.37000f9.16.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.37000f9.16.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.37000f9.16.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.68b0000.38.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.68b0000.38.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.68b0000.38.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6860000.34.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6860000.34.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6860000.34.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.25e0e74.5.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.25e0e74.5.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.25e0e74.5.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.25e0e74.5.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.687e8a4.36.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.687e8a4.36.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.687e8a4.36.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6870000.37.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6870000.37.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6870000.37.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.5810000.21.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.5810000.21.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.5810000.21.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.25e0e74.5.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.25e0e74.5.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.25e0e74.5.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.359abf4.17.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.359abf4.17.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.359abf4.17.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 1.2.rnixgfly.exe.2223658.2.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 1.2.rnixgfly.exe.2223658.2.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 1.2.rnixgfly.exe.2223658.2.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 1.2.rnixgfly.exe.2223658.2.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.25935b0.7.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.25935b0.7.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.25935b0.7.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.372095a.12.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.372095a.12.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.372095a.12.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 1.2.rnixgfly.exe.2210000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 1.2.rnixgfly.exe.2210000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 1.2.rnixgfly.exe.2210000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 1.2.rnixgfly.exe.2210000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.370c32d.13.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.370c32d.13.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.370c32d.13.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6830000.32.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6830000.32.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6830000.32.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.35efa21.15.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.35efa21.15.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.35efa21.15.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.358c350.11.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.358c350.11.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.358c350.11.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.35eb3f8.18.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.35eb3f8.18.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.35eb3f8.18.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.38b64be.10.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.38b64be.10.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.38b64be.10.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.3590fef.9.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.3590fef.9.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.3590fef.9.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.67c0000.27.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.67c0000.27.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.67c0000.27.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.370c32d.13.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.370c32d.13.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.67f0000.28.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.67f0000.28.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.67f0000.28.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.370c32d.13.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.2583a9c.8.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.2583a9c.8.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.2583a9c.8.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.2583a9c.8.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.25faee8.6.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.25faee8.6.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.25faee8.6.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.5d60000.25.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.5d60000.25.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.5d60000.25.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.5d60000.25.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.5d60000.25.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.5d60000.25.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.6870000.37.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.6870000.37.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.6870000.37.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 1.2.rnixgfly.exe.2210000.3.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 1.2.rnixgfly.exe.2210000.3.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 1.2.rnixgfly.exe.2210000.3.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 1.2.rnixgfly.exe.2210000.3.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 2.2.rnixgfly.exe.25f54b0.4.raw.unpack, type: UNPACKEDPE |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 2.2.rnixgfly.exe.25f54b0.4.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 2.2.rnixgfly.exe.25f54b0.4.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 2.2.rnixgfly.exe.25f54b0.4.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.508686978.00000000067C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.508686978.00000000067C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.508686978.00000000067C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.509009346.0000000006860000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.509009346.0000000006860000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.509009346.0000000006860000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.508822078.0000000006800000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.508822078.0000000006800000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.508822078.0000000006800000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.503941570.00000000035E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.508900878.0000000006830000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.508900878.0000000006830000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.508900878.0000000006830000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.506631236.0000000004F62000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.506631236.0000000004F62000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000002.00000002.506631236.0000000004F62000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.501682752.00000000005C8000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.501682752.00000000005C8000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000002.00000002.501682752.00000000005C8000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.507046182.0000000005810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.507046182.0000000005810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.507046182.0000000005810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.508294915.0000000005D60000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.508294915.0000000005D60000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.508294915.0000000005D60000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.508782806.00000000067F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.508782806.00000000067F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.508782806.00000000067F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.508849965.0000000006810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.508849965.0000000006810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.508849965.0000000006810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.501206954.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.501206954.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.501206954.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000002.00000002.501206954.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.508596907.0000000006640000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.508596907.0000000006640000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.508596907.0000000006640000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.509045139.0000000006870000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.509045139.0000000006870000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.509045139.0000000006870000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.508870070.0000000006820000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.508870070.0000000006820000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.508870070.0000000006820000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.503941570.0000000003575000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.509221233.00000000068B0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.509221233.00000000068B0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.509221233.00000000068B0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.507263839.00000000058C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.507263839.00000000058C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.507263839.00000000058C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000001.00000002.249320721.0000000002210000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000001.00000002.249320721.0000000002210000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000001.00000002.249320721.0000000002210000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000001.00000002.249320721.0000000002210000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.508927189.0000000006840000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.508927189.0000000006840000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.508927189.0000000006840000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.502515145.0000000002490000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: 00000002.00000002.502515145.0000000002490000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000002.00000002.502515145.0000000002490000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000002.00000002.502515145.0000000002490000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.503941570.0000000003851000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000002.00000002.503941570.0000000003851000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.502791120.0000000002551000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000002.00000002.502791120.0000000002551000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.503941570.000000000366D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000002.00000002.503941570.000000000366D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000002.00000002.502791120.00000000025CF000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000002.00000002.502791120.00000000025CF000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: Process Memory Space: rnixgfly.exe PID: 4904, type: MEMORYSTR |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: Process Memory Space: rnixgfly.exe PID: 4904, type: MEMORYSTR |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: Process Memory Space: rnixgfly.exe PID: 4904, type: MEMORYSTR |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: Process Memory Space: rnixgfly.exe PID: 3192, type: MEMORYSTR |
Matched rule: Detetcs the Nanocore RAT Author: Florian Roth |
Source: Process Memory Space: rnixgfly.exe PID: 3192, type: MEMORYSTR |
Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: Process Memory Space: rnixgfly.exe PID: 3192, type: MEMORYSTR |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 1.2.rnixgfly.exe.2223658.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 1.2.rnixgfly.exe.2223658.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 1.2.rnixgfly.exe.2223658.2.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 1.2.rnixgfly.exe.2223658.2.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 1.2.rnixgfly.exe.2223658.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.38c48ee.14.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38c48ee.14.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38c48ee.14.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.38c48ee.14.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6810000.30.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6810000.30.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6810000.30.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6810000.30.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6830000.32.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6830000.32.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6830000.32.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6830000.32.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.38b64be.10.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38b64be.10.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38b64be.10.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.38b64be.10.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.417058.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.417058.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.417058.1.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.417058.1.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.417058.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.38ad68f.19.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38ad68f.19.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38ad68f.19.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.38ad68f.19.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6640000.26.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6640000.26.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6640000.26.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6640000.26.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.5e41a8.2.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.5e41a8.2.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.5e41a8.2.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.5e41a8.2.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.5e41a8.2.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.68b0000.38.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.68b0000.38.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.68b0000.38.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.68b0000.38.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.58c0000.24.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.58c0000.24.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.58c0000.24.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.58c0000.24.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.4f60000.20.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.4f60000.20.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.4f60000.20.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.4f60000.20.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.4f60000.20.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.35eb3f8.18.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.35eb3f8.18.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.35eb3f8.18.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.35eb3f8.18.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6840000.33.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6840000.33.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6840000.33.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6840000.33.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6840000.33.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6840000.33.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6840000.33.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6840000.33.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.37000f9.16.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.37000f9.16.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.37000f9.16.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.37000f9.16.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6874c9f.35.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6874c9f.35.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6874c9f.35.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6874c9f.35.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6800000.29.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6800000.29.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6800000.29.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6800000.29.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.38c48ee.14.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38c48ee.14.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38c48ee.14.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.38c48ee.14.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.2490000.3.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.2490000.3.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.2490000.3.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.2490000.3.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.2490000.3.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6820000.31.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6820000.31.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6820000.31.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6820000.31.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.358c350.11.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.358c350.11.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.358c350.11.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.358c350.11.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6640000.26.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6640000.26.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6640000.26.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6640000.26.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6860000.34.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6860000.34.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6860000.34.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6860000.34.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.2490000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.2490000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.2490000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.2490000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.2490000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6800000.29.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6800000.29.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6800000.29.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6800000.29.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.58c4629.23.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.58c4629.23.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.58c4629.23.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.58c4629.23.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.5e41a8.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.5e41a8.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.5e41a8.2.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.5e41a8.2.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.5e41a8.2.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.417058.1.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.417058.1.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.417058.1.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.417058.1.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.417058.1.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.67f0000.28.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.67f0000.28.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.67f0000.28.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.67f0000.28.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.58c0000.24.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.58c0000.24.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.58c0000.24.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.58c0000.24.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.25935b0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25935b0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25935b0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.25935b0.7.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.38ad68f.19.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38ad68f.19.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38ad68f.19.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.38ad68f.19.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.38ad68f.19.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6820000.31.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6820000.31.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6820000.31.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6820000.31.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.25faee8.6.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25faee8.6.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.25faee8.6.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.25faee8.6.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.37000f9.16.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.37000f9.16.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.37000f9.16.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.68b0000.38.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.68b0000.38.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.68b0000.38.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.68b0000.38.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6860000.34.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6860000.34.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6860000.34.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6860000.34.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.25e0e74.5.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25e0e74.5.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.25e0e74.5.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.25e0e74.5.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.687e8a4.36.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.687e8a4.36.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.687e8a4.36.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.687e8a4.36.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6870000.37.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6870000.37.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6870000.37.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6870000.37.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.5810000.21.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.5810000.21.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.5810000.21.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.5810000.21.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.25e0e74.5.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25e0e74.5.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25e0e74.5.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.25e0e74.5.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.359abf4.17.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.359abf4.17.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.359abf4.17.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.359abf4.17.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 1.2.rnixgfly.exe.2223658.2.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 1.2.rnixgfly.exe.2223658.2.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 1.2.rnixgfly.exe.2223658.2.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 1.2.rnixgfly.exe.2223658.2.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 1.2.rnixgfly.exe.2223658.2.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.25935b0.7.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25935b0.7.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25935b0.7.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.25935b0.7.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.372095a.12.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.372095a.12.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.372095a.12.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 1.2.rnixgfly.exe.2210000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 1.2.rnixgfly.exe.2210000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 1.2.rnixgfly.exe.2210000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 1.2.rnixgfly.exe.2210000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 1.2.rnixgfly.exe.2210000.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.370c32d.13.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.370c32d.13.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.370c32d.13.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.370c32d.13.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6830000.32.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6830000.32.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6830000.32.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6830000.32.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.35efa21.15.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.35efa21.15.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.35efa21.15.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.35efa21.15.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.358c350.11.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.358c350.11.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.358c350.11.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.358c350.11.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.35eb3f8.18.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.35eb3f8.18.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.35eb3f8.18.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.35eb3f8.18.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.38b64be.10.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38b64be.10.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.38b64be.10.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.38b64be.10.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.3590fef.9.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.3590fef.9.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.3590fef.9.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.3590fef.9.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.67c0000.27.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.67c0000.27.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.67c0000.27.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.67c0000.27.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.370c32d.13.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.370c32d.13.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.67f0000.28.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.67f0000.28.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.67f0000.28.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.67f0000.28.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.370c32d.13.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.2583a9c.8.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.2583a9c.8.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.2583a9c.8.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.2583a9c.8.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.2583a9c.8.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.25faee8.6.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25faee8.6.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25faee8.6.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.25faee8.6.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.5d60000.25.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.5d60000.25.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.5d60000.25.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.5d60000.25.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.5d60000.25.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.5d60000.25.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.5d60000.25.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.5d60000.25.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.6870000.37.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6870000.37.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.6870000.37.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.6870000.37.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 1.2.rnixgfly.exe.2210000.3.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 1.2.rnixgfly.exe.2210000.3.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 1.2.rnixgfly.exe.2210000.3.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 1.2.rnixgfly.exe.2210000.3.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 1.2.rnixgfly.exe.2210000.3.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 2.2.rnixgfly.exe.25f54b0.4.raw.unpack, type: UNPACKEDPE |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 2.2.rnixgfly.exe.25f54b0.4.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 2.2.rnixgfly.exe.25f54b0.4.raw.unpack, type: UNPACKEDPE |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 2.2.rnixgfly.exe.25f54b0.4.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.508686978.00000000067C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508686978.00000000067C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508686978.00000000067C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.508686978.00000000067C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.509009346.0000000006860000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.509009346.0000000006860000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.509009346.0000000006860000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.509009346.0000000006860000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.508822078.0000000006800000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508822078.0000000006800000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508822078.0000000006800000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.508822078.0000000006800000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.503941570.00000000035E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.508900878.0000000006830000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508900878.0000000006830000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508900878.0000000006830000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.508900878.0000000006830000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.506631236.0000000004F62000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.506631236.0000000004F62000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000002.00000002.506631236.0000000004F62000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.501682752.00000000005C8000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.501682752.00000000005C8000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000002.00000002.501682752.00000000005C8000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.507046182.0000000005810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.507046182.0000000005810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.507046182.0000000005810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.507046182.0000000005810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.508294915.0000000005D60000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508294915.0000000005D60000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508294915.0000000005D60000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.508294915.0000000005D60000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.508782806.00000000067F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508782806.00000000067F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508782806.00000000067F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.508782806.00000000067F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.508849965.0000000006810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508849965.0000000006810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508849965.0000000006810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.508849965.0000000006810000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.501206954.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.501206954.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.501206954.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.501206954.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000002.00000002.501206954.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.508596907.0000000006640000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508596907.0000000006640000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508596907.0000000006640000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.508596907.0000000006640000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.509045139.0000000006870000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.509045139.0000000006870000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.509045139.0000000006870000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.509045139.0000000006870000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.508870070.0000000006820000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508870070.0000000006820000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508870070.0000000006820000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.508870070.0000000006820000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.503941570.0000000003575000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.509221233.00000000068B0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.509221233.00000000068B0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.509221233.00000000068B0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.509221233.00000000068B0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.507263839.00000000058C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.507263839.00000000058C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.507263839.00000000058C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.507263839.00000000058C0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000001.00000002.249320721.0000000002210000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000001.00000002.249320721.0000000002210000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000001.00000002.249320721.0000000002210000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000001.00000002.249320721.0000000002210000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000001.00000002.249320721.0000000002210000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.508927189.0000000006840000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508927189.0000000006840000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.508927189.0000000006840000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.508927189.0000000006840000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.502515145.0000000002490000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.502515145.0000000002490000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000002.00000002.502515145.0000000002490000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000002.00000002.502515145.0000000002490000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000002.00000002.502515145.0000000002490000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.503941570.0000000003851000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000002.00000002.503941570.0000000003851000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.502791120.0000000002551000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000002.00000002.502791120.0000000002551000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.503941570.000000000366D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000002.00000002.503941570.000000000366D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000002.00000002.502791120.00000000025CF000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000002.00000002.502791120.00000000025CF000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: Process Memory Space: rnixgfly.exe PID: 4904, type: MEMORYSTR |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: Process Memory Space: rnixgfly.exe PID: 4904, type: MEMORYSTR |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: Process Memory Space: rnixgfly.exe PID: 4904, type: MEMORYSTR |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: Process Memory Space: rnixgfly.exe PID: 3192, type: MEMORYSTR |
Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: Process Memory Space: rnixgfly.exe PID: 3192, type: MEMORYSTR |
Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: Process Memory Space: rnixgfly.exe PID: 3192, type: MEMORYSTR |
Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |