NanoCore

GPTKB entity

Statements (64)
Predicate Object
gptkbp:instanceOf Remote Access Trojan
gptkbp:abilities DDoS attacks
Audio recording
Credential harvesting
Modular architecture
Remote desktop
Reverse proxy
Data exfiltration
Command execution
File management
Keylogger
Password stealing
Persistence mechanisms
Process management
Remote shell
USB infection
Webcam access
Plugin support
Network communication
Anti-analysis features
Bypass UAC
Clipboard monitoring
Customizable plugins
Encrypted communication
File encryption
Network scanning
Obfuscation
Persistence via DLL injection
Persistence via WMI
Persistence via registry
Persistence via scheduled tasks
Persistence via service
Persistence via shortcut
Persistence via startup folder
Persistence via task scheduler
Registry editing
Screen locker
Screenshot capture
Self-update
gptkbp:arrested gptkb:Taylor_Huddleston
gptkbp:detects Antivirus software
gptkbp:developedBy gptkb:Taylor_Huddleston
gptkbp:firstReleased 2013
https://www.w3.org/2000/01/rdf-schema#label NanoCore
gptkbp:notableVariant gptkb:NanoCore_v1.2.2
gptkb:NanoCore_v1.2.7
gptkbp:operatingSystem gptkb:Windows
gptkbp:programmingLanguage gptkb:C#
gptkbp:sells gptkb:Dark_web
gptkbp:spreadTo Malicious attachments
Phishing emails
gptkbp:target Businesses
Individuals
Government organizations
gptkbp:usedFor Surveillance
Credential theft
File transfer
Keylogging
Remote control of infected computers
Screen capture
gptkbp:usesMalware RAT
gptkbp:bfsParent gptkb:APT33
gptkb:Trojan_(software)
gptkbp:bfsLayer 6