metamorpherrat | 3f5c2aacc7134dc7a7d78f4731c01db691be30d2989274f33f1b56e4090820cd | Triage

Sharing

General

Target

3f5c2aacc7134dc7a7d78f4731c01db691be30d2989274f33f1b56e4090820cd
Size

78KB
Sample

210228-62cm6m5ys6
MD5

b7522739be3b41f898204a82bebbf202
SHA1

350d9490d8839b357882a2777e9dbf51ebcf4006
SHA256

3f5c2aacc7134dc7a7d78f4731c01db691be30d2989274f33f1b56e4090820cd
SHA512

e3de9441f58a7c120db5e86962abae6755bff93614d0a674e52ed23324f1f791435d69b1e0552c011388c89c5a6b5e64adbf05f9386bc560faa62daaa9b6e926

Score

10^/10

metamorpherrat persistence rat stealer trojan

Malware Config

Targets

- Target
  
  3f5c2aacc7134dc7a7d78f4731c01db691be30d2989274f33f1b56e4090820cd
- Size
  
  78KB
- MD5
  
  b7522739be3b41f898204a82bebbf202
- SHA1
  
  350d9490d8839b357882a2777e9dbf51ebcf4006
- SHA256
  
  3f5c2aacc7134dc7a7d78f4731c01db691be30d2989274f33f1b56e4090820cd
- SHA512
  
  e3de9441f58a7c120db5e86962abae6755bff93614d0a674e52ed23324f1f791435d69b1e0552c011388c89c5a6b5e64adbf05f9386bc560faa62daaa9b6e926
Score

10^/10

persistence metamorpherrat rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

metamorpherratpersistenceratstealertrojan