Source: file.exe, type: SAMPLE | Matched rule: Detects zgRAT Author: ditekSHen |
Source: 6.2.CasPol.exe.5d90000.7.raw.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 6.2.CasPol.exe.5d90000.7.raw.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 6.2.CasPol.exe.5d90000.7.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 6.2.CasPol.exe.3f2ff64.2.raw.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 6.2.CasPol.exe.3f2ff64.2.raw.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 6.2.CasPol.exe.3f2ff64.2.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 6.2.CasPol.exe.51f0000.5.raw.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 6.2.CasPol.exe.51f0000.5.raw.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 6.2.CasPol.exe.51f0000.5.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 6.2.CasPol.exe.3f2b12e.3.raw.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 6.2.CasPol.exe.3f2b12e.3.raw.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 6.2.CasPol.exe.3f2b12e.3.raw.unpack, type: UNPACKEDPE | Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 6.2.CasPol.exe.3f2b12e.3.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 6.2.CasPol.exe.3f2ff64.2.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 6.2.CasPol.exe.3f2ff64.2.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 6.2.CasPol.exe.3f2ff64.2.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 6.2.CasPol.exe.5d94629.6.raw.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 6.2.CasPol.exe.5d94629.6.raw.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 6.2.CasPol.exe.5d94629.6.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 6.2.CasPol.exe.5d90000.7.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 6.2.CasPol.exe.5d90000.7.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 6.2.CasPol.exe.5d90000.7.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 0.2.file.exe.145c1610000.0.unpack, type: UNPACKEDPE | Matched rule: Detects zgRAT Author: ditekSHen |
Source: 0.2.file.exe.145d4f40110.5.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 0.2.file.exe.145d4f40110.5.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 0.2.file.exe.145d4f40110.5.unpack, type: UNPACKEDPE | Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 0.2.file.exe.145d4f40110.5.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 6.2.CasPol.exe.3f3458d.4.raw.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 6.2.CasPol.exe.3f3458d.4.raw.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 6.2.CasPol.exe.3f3458d.4.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 6.2.CasPol.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 6.2.CasPol.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 6.2.CasPol.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 6.2.CasPol.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 6.2.CasPol.exe.2f3e5c4.1.raw.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 6.2.CasPol.exe.2f3e5c4.1.raw.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 6.2.CasPol.exe.2f3e5c4.1.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 0.0.file.exe.145c1610000.0.unpack, type: UNPACKEDPE | Matched rule: Detects zgRAT Author: ditekSHen |
Source: 0.2.file.exe.145d4f40110.5.raw.unpack, type: UNPACKEDPE | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 0.2.file.exe.145d4f40110.5.raw.unpack, type: UNPACKEDPE | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 0.2.file.exe.145d4f40110.5.raw.unpack, type: UNPACKEDPE | Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 0.2.file.exe.145d4f40110.5.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000006.00000002.808605429.0000000003F29000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000006.00000002.808605429.0000000003F29000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000006.00000002.809329944.00000000051F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 00000006.00000002.809329944.00000000051F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000006.00000002.809329944.00000000051F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000006.00000002.803937571.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 00000006.00000002.803937571.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY | Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000006.00000002.803937571.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000006.00000002.805344954.0000000002F37000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000006.00000002.809497378.0000000005D90000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 00000006.00000002.809497378.0000000005D90000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Detects NanoCore Author: ditekSHen |
Source: 00000006.00000002.809497378.0000000005D90000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: 00000000.00000002.549824099.00000145D4A79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: 00000000.00000002.549824099.00000145D4A79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: 00000000.00000002.549824099.00000145D4A79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: Process Memory Space: file.exe PID: 5540, type: MEMORYSTR | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: Process Memory Space: file.exe PID: 5540, type: MEMORYSTR | Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: Process Memory Space: file.exe PID: 5540, type: MEMORYSTR | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: Process Memory Space: CasPol.exe PID: 6636, type: MEMORYSTR | Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems) |
Source: Process Memory Space: CasPol.exe PID: 6636, type: MEMORYSTR | Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net> |
Source: Process Memory Space: CasPol.exe PID: 6636, type: MEMORYSTR | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown |
Source: file.exe, type: SAMPLE | Matched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT |
Source: 6.2.CasPol.exe.5d90000.7.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.5d90000.7.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.5d90000.7.raw.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 6.2.CasPol.exe.5d90000.7.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 6.2.CasPol.exe.3f2ff64.2.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.3f2ff64.2.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.3f2ff64.2.raw.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 6.2.CasPol.exe.3f2ff64.2.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 6.2.CasPol.exe.51f0000.5.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.51f0000.5.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.51f0000.5.raw.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 6.2.CasPol.exe.51f0000.5.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 6.2.CasPol.exe.3f2b12e.3.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.3f2b12e.3.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.3f2b12e.3.raw.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 6.2.CasPol.exe.3f2b12e.3.raw.unpack, type: UNPACKEDPE | Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 6.2.CasPol.exe.3f2b12e.3.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 6.2.CasPol.exe.3f2ff64.2.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.3f2ff64.2.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.3f2ff64.2.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 6.2.CasPol.exe.3f2ff64.2.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 6.2.CasPol.exe.5d94629.6.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.5d94629.6.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.5d94629.6.raw.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 6.2.CasPol.exe.5d94629.6.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 6.2.CasPol.exe.5d90000.7.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.5d90000.7.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.5d90000.7.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 6.2.CasPol.exe.5d90000.7.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 0.2.file.exe.145c1610000.0.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT |
Source: 0.2.file.exe.145d4f40110.5.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 0.2.file.exe.145d4f40110.5.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 0.2.file.exe.145d4f40110.5.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 0.2.file.exe.145d4f40110.5.unpack, type: UNPACKEDPE | Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 0.2.file.exe.145d4f40110.5.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 6.2.CasPol.exe.3f3458d.4.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.3f3458d.4.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.3f3458d.4.raw.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 6.2.CasPol.exe.3f3458d.4.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 6.2.CasPol.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 6.2.CasPol.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 6.2.CasPol.exe.400000.0.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 6.2.CasPol.exe.2f3e5c4.1.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.2f3e5c4.1.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 6.2.CasPol.exe.2f3e5c4.1.raw.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 6.2.CasPol.exe.2f3e5c4.1.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 0.0.file.exe.145c1610000.0.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT |
Source: 0.2.file.exe.145d4f40110.5.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 0.2.file.exe.145d4f40110.5.raw.unpack, type: UNPACKEDPE | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 0.2.file.exe.145d4f40110.5.raw.unpack, type: UNPACKEDPE | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 0.2.file.exe.145d4f40110.5.raw.unpack, type: UNPACKEDPE | Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 0.2.file.exe.145d4f40110.5.raw.unpack, type: UNPACKEDPE | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000006.00000002.808605429.0000000003F29000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000006.00000002.808605429.0000000003F29000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000006.00000002.809329944.00000000051F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000006.00000002.809329944.00000000051F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000006.00000002.809329944.00000000051F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000006.00000002.809329944.00000000051F0000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000006.00000002.803937571.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000006.00000002.803937571.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY | Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000006.00000002.803937571.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000006.00000002.805344954.0000000002F37000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000006.00000002.809497378.0000000005D90000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000006.00000002.809497378.0000000005D90000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000006.00000002.809497378.0000000005D90000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore |
Source: 00000006.00000002.809497378.0000000005D90000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: 00000000.00000002.549824099.00000145D4A79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: 00000000.00000002.549824099.00000145D4A79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: 00000000.00000002.549824099.00000145D4A79000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: Process Memory Space: file.exe PID: 5540, type: MEMORYSTR | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: Process Memory Space: file.exe PID: 5540, type: MEMORYSTR | Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: Process Memory Space: file.exe PID: 5540, type: MEMORYSTR | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: Process Memory Space: CasPol.exe PID: 6636, type: MEMORYSTR | Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE |
Source: Process Memory Space: CasPol.exe PID: 6636, type: MEMORYSTR | Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore |
Source: Process Memory Space: CasPol.exe PID: 6636, type: MEMORYSTR | Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23 |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Users\user\Desktop\file.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe | Process information set: NOOPENFILEERRORBOX | Jump to behavior |