07ac68fef8d90307874918f85d499b48ea2007b51f0bd404b5a35ba97a6c7dd8

General
Target

07ac68fef8d90307874918f85d499b48ea2007b51f0bd404b5a35ba97a6c7dd8

Size

78KB

Sample

210228-k6tx6mvs2s

Score
10 /10
MD5

ec1f806b2ca57c3c03be303890c6fd65

SHA1

7d48e0cb19d60dfe2a3a04aef63c57482a024c97

SHA256

07ac68fef8d90307874918f85d499b48ea2007b51f0bd404b5a35ba97a6c7dd8

SHA512

78d31f7738d47a65952ee6315f4a3ab25f35d47eed4b4832fbfe890c1b286dca1ae42dc9721b5ffa6a0ff3c0576bf621964d384d977b2851433e20538b57f0d6

Malware Config
Targets
Target

07ac68fef8d90307874918f85d499b48ea2007b51f0bd404b5a35ba97a6c7dd8

MD5

ec1f806b2ca57c3c03be303890c6fd65

Filesize

78KB

Score
10/10
SHA1

7d48e0cb19d60dfe2a3a04aef63c57482a024c97

SHA256

07ac68fef8d90307874918f85d499b48ea2007b51f0bd404b5a35ba97a6c7dd8

SHA512

78d31f7738d47a65952ee6315f4a3ab25f35d47eed4b4832fbfe890c1b286dca1ae42dc9721b5ffa6a0ff3c0576bf621964d384d977b2851433e20538b57f0d6

Tags

Signatures

  • MetamorpherRAT

    Description

    Metamorpherrat is a hacking tool that has been around for a while since 2013.

    Tags

  • Executes dropped EXE

  • Deletes itself

  • Loads dropped DLL

  • Uses the VBS compiler for execution

    TTPs

    Scripting
  • Adds Run key to start application

    Tags

    TTPs

    Registry Run Keys / Startup FolderModify Registry

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Privilege Escalation