General
Target

4d7e3818fcaa4b55056d58e20420d10fe1d8e56fbd6059d0a716c877f73aaa5d

Size

78KB

Sample

210228-412z74bg86

Score
10/10
MD5

0106ede4fe7c8704ea04b3f66c5d80d6

SHA1

59d774bed7c7c8f76de7fa436e238413870d16b6

SHA256

4d7e3818fcaa4b55056d58e20420d10fe1d8e56fbd6059d0a716c877f73aaa5d

SHA512

8ed68cc9a26eb9ce1f9fd0d70ae0d0a6ba91c3d3cc3a2feb730957556f981edbcf41841815220552aedffcf85b1d967442e9d7fe9fd8f5a20ef19d1f7340439e

Malware Config
Targets
Target

4d7e3818fcaa4b55056d58e20420d10fe1d8e56fbd6059d0a716c877f73aaa5d

MD5

0106ede4fe7c8704ea04b3f66c5d80d6

Filesize

78KB

Score
10/10
SHA1

59d774bed7c7c8f76de7fa436e238413870d16b6

SHA256

4d7e3818fcaa4b55056d58e20420d10fe1d8e56fbd6059d0a716c877f73aaa5d

SHA512

8ed68cc9a26eb9ce1f9fd0d70ae0d0a6ba91c3d3cc3a2feb730957556f981edbcf41841815220552aedffcf85b1d967442e9d7fe9fd8f5a20ef19d1f7340439e

Tags

Signatures

  • MetamorpherRAT

    Description

    Metamorpherrat is a hacking tool that has been around for a while since 2013.

    Tags

  • Executes dropped EXE

  • Deletes itself

  • Loads dropped DLL

  • Uses the VBS compiler for execution

    TTPs

    Scripting
  • Adds Run key to start application

    Tags

    TTPs

    Registry Run Keys / Startup FolderModify Registry

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Privilege Escalation
                    Tasks

                    static1

                    Score
                    N/A

                    behavioral1

                    Score
                    8/10