Results for NanoCore

Threat Research

.Net RAT Malware Being Spread by MS Word Documents

Fortinet’s FortiGuard Labs captured a malicious MS Word document from the wild that contains auto-executable malicious VBA code that can spread and install NanoCore RAT software on a victim’s Windows system.

By Xiaopeng Zhang January 15, 2019

Threat Research

PDF Phishing Leads to Nanocore RAT, Targets French Nationals

Recently, FortiGuard Labs found a phishing campaign targeting French Nationals. In this campaign, a PDF file with an embedded javascript is used to download the payload from a Google Drive shared link. As it turns out, the downloaded file is an HTA (HTML Application) file, a format that is becoming more and more common as a malware launch point. It is usually used as a downloader for the actual binary payload. However in this campaign,...

By Joie Salvio and Rommel Joven October 12, 2017