How NanoCore RAT prevails among cyber actors with malware campaigns?
A series of malicious emails with attachments delivering the NanoCore Remote Access Trojan (RAT) is evading email and anti-malware scanners by abusing the .ZIPX file format. Malware Nanocore Nanocore is a remote access tool (RAT) first released in 2013, since then various versions have appeared. The malware is written in the .NET framework and uses Transmission Control Protocol (TCP) on any port for communication with its controller. The NanoCore version 1.2.2.0 malware when executed creates copies of itself in the AppData folder and injects its malicious code into the RegSvcs.exe process The malware comes with some basic plugins that extend its functionality.…