 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: NanoCore RAT| Names | NanoCore RAT NanoCore Nancrat Zurten Atros2.CKPN | |
| Category | Malware | |
| Type | Backdoor, Info stealer, Credential stealer | |
| Description | Nanocore is a Remote Access Tool used to steal credentials and to spy on cameras. It has been used for a while by numerous criminal actors as well as by nation state threat actors. | |
| Information | <https://blog.morphisec.com/nanocore-under-the-microscope> <https://www.fireeye.com/blog/threat-research/2017/09/apt33-insights-into-iranian-cyber-espionage.html> <https://researchcenter.paloaltonetworks.com/2018/08/unit42-gorgon-group-slithering-nation-state-cybercrime/> <https://www.bleepingcomputer.com/news/security/nanocore-rat-author-gets-33-months-in-prison/> <https://blog.talosintelligence.com/2022/01/nanocore-netwire-and-asyncrat-spreading.html> | |
| MITRE ATT&CK | <https://attack.mitre.org/software/S0336/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.nanocore> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:NanoCore> | |
Last change to this tool card: 25 January 2022
Download this tool card in JSON format
Previous: NanHaiShu
Next: Nautilus
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Aggah | [Unknown] | 2018-Jun 2022 | |||
 | APT 33, Elfin, Magnallium |  | 2013-Apr 2024 | ||
| Gorgon Group |  | 2017-Jul 2020 | |||
| Group5 | | 2015 | |||
| Operation Comando | [Unknown] | 2018 | |||
| RevengeHotels | [Unknown] | 2015 | |||
| TA2722 | [Unknown] | 2020 | |||
| Vendetta, TA2719 |  | 2020 | |||
8 groups listed (8 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |