It asks to open a link to revise an agreement. It lands to a website that simulates the victim’s organization homepage, in which the user has only to digit the password.
Technical analysis by the Malware Hunter JAMESWT
New Nanocore campaign via fake bank payment. The Ace email attachment contains an exe. The malware itself
A false bank payment conveys the new global Nanocore campaign. The Ace email attachment contains an exe file.
This is the malware itself
Nanocore is a Remote Access Trojan (RAT) equipped with a variety of functions such as keylogger and password stealer. It also has the ability to tamper with and view webcam footage, lock the screen, as well as download and steal files.