metamorpherrat | 07ac68fef8d90307874918f85d499b48ea2007b51f0bd404b5a35ba97a6c7dd8 | Triage

Sharing

General

Target

07ac68fef8d90307874918f85d499b48ea2007b51f0bd404b5a35ba97a6c7dd8
Size

78KB
Sample

210228-k6tx6mvs2s
MD5

ec1f806b2ca57c3c03be303890c6fd65
SHA1

7d48e0cb19d60dfe2a3a04aef63c57482a024c97
SHA256

07ac68fef8d90307874918f85d499b48ea2007b51f0bd404b5a35ba97a6c7dd8
SHA512

78d31f7738d47a65952ee6315f4a3ab25f35d47eed4b4832fbfe890c1b286dca1ae42dc9721b5ffa6a0ff3c0576bf621964d384d977b2851433e20538b57f0d6

Score

10^/10

metamorpherrat persistence rat stealer trojan

Malware Config

Targets

- Target
  
  07ac68fef8d90307874918f85d499b48ea2007b51f0bd404b5a35ba97a6c7dd8
- Size
  
  78KB
- MD5
  
  ec1f806b2ca57c3c03be303890c6fd65
- SHA1
  
  7d48e0cb19d60dfe2a3a04aef63c57482a024c97
- SHA256
  
  07ac68fef8d90307874918f85d499b48ea2007b51f0bd404b5a35ba97a6c7dd8
- SHA512
  
  78d31f7738d47a65952ee6315f4a3ab25f35d47eed4b4832fbfe890c1b286dca1ae42dc9721b5ffa6a0ff3c0576bf621964d384d977b2851433e20538b57f0d6
Score

10^/10

metamorpherrat persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metamorpherratpersistenceratstealertrojan

behavioral2

metamorpherratpersistenceratstealertrojan