MSIL/Noancooe (alias Nanocore)

Re: Malware collection

#28835 by ikolor
Thu Jul 07, 2016 6:10 pm

next...

Thanks for analysis

https://www.virustotal.com/en/file/ccd3 ... 467914818/
########################################
This type of file from my browser is classified as malware .?
########################################

https://www.virustotal.com/en/file/36ef ... 467915557/

https://www.virustotal.com/en/file/b550 ... 467915450/

Attachments

Browser.rar

(327.69 KiB) Downloaded 62 times

updater.rar

(506.31 KiB) Downloaded 63 times

Username

ikolor

Posts

342

Joined

Thu Jun 05, 2014 2:20 pm

Location

Poland

Re: Malware collection

#28840 by ikolor
Fri Jul 08, 2016 5:36 am

next..

https://www.virustotal.com/en/file/1c8b ... 467956059/

collection

https://www.virustotal.com/en/file/9b43 ... 467969043/

Attachments

kazycrp.rar

(2.45 MiB) Downloaded 76 times

Last edited by EP_X0FF on Tue Oct 18, 2016 8:33 am, edited 1 time in total. Reason: software bundler trash removed

Username

ikolor

Posts

342

Joined

Thu Jun 05, 2014 2:20 pm

Location

Poland

MSIL/Noancooe (alias Nanocore)

#28941 by ikolor
Tue Jul 26, 2016 6:59 pm

SDM Cracow 2016

https://www.virustotal.com/en/file/ca81 ... 469562723/

https://www.virustotal.com/en/file/af23 ... 469559391/

Attachments

julynew.rar

(223.25 KiB) Downloaded 60 times

c1.rar

(96.42 KiB) Downloaded 59 times

Username

ikolor

Posts

342

Joined

Thu Jun 05, 2014 2:20 pm

Location

Poland

Re: Malware collection

#28942 by xors
Tue Jul 26, 2016 9:02 pm

ikolor wrote:SDM Cracow 2016

https://www.virustotal.com/en/file/ca81 ... 469562723/

Nanocore contacts to frankief.hopto.me

@xorsthingsv2

Username

xors

Posts

165

Joined

Mon May 23, 2016 2:01 am

Re: Malware collection

#29453 by EP_X0FF
Tue Oct 18, 2016 8:33 am

ikolor wrote:next..

https://www.virustotal.com/en/file/1c8b ... 467956059/

collection

https://www.virustotal.com/en/file/9b43 ... 467969043/

a1634.exe software bundler, trash, removed.
janavb.exe - MSIL/Noancooe (NanoCore)
janawin.exe - MSIL/Noancooe (NanoCore)
kazycrp.exe - MSIL/Noancooe (NanoCore)
cs.exe - MSIL/Silog (PWS)
NEI 13 10 Cyber__6629_i1929647758_il289940_26.exe - software bundler Mizenota

Posts moved.

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Re: Malware collection

#29454 by EP_X0FF
Tue Oct 18, 2016 8:52 am

ikolor wrote:next...

Thanks for analysis

https://www.virustotal.com/en/file/ccd3 ... 467914818/
########################################
This type of file from my browser is classified as malware .?
########################################

https://www.virustotal.com/en/file/36ef ... 467915557/

https://www.virustotal.com/en/file/b550 ... 467915450/

310F23E7D850B1891FCE1B8A0DDDF1E63216EE50 - Ransomware
email.exe - MSIL/Silog (PWS)
updater.exe - MSIL/Noancooe

Posts moved.

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

UDS.DangerousObject.Multi.Generic (Nanocore RAT)

#32655 by hackr8
Thu Mar 07, 2019 2:49 pm

I found this on dropbox. It's made with VB6 [signature:Microsoft Visual Basic v5.0]
Please note that I was the first person to upload the file to Virustotal so the report might change soon.
Virustotal: https://www.virustotal.com/#/file/dab62 ... /detection