metamorpherrat | 4a1926b9240938f7590d0e5a7afb995572a07b66b3512a117a306ae28e0f745e | Triage

Sharing

General

Target

4a1926b9240938f7590d0e5a7afb995572a07b66b3512a117a306ae28e0f745e
Size

78KB
Sample

220326-jkfz9aabc5
MD5

00831c7277e51a7a3e765c58f685914d
SHA1

ca2d1a0ddbd19a14ae31bf3a7132e1874fa2980f
SHA256

4a1926b9240938f7590d0e5a7afb995572a07b66b3512a117a306ae28e0f745e
SHA512

4fb8f37453152c5dd9f795c5908da8ca9445682f52c7a77c369ecd3b1200fba673eb803993c939e8169d6340929307c42fa139016ca62ec44ad4e79e0bb1e85c

Score

10^/10

metamorpherrat persistence rat stealer trojan

Malware Config

Targets

- Target
  
  4a1926b9240938f7590d0e5a7afb995572a07b66b3512a117a306ae28e0f745e
- Size
  
  78KB
- MD5
  
  00831c7277e51a7a3e765c58f685914d
- SHA1
  
  ca2d1a0ddbd19a14ae31bf3a7132e1874fa2980f
- SHA256
  
  4a1926b9240938f7590d0e5a7afb995572a07b66b3512a117a306ae28e0f745e
- SHA512
  
  4fb8f37453152c5dd9f795c5908da8ca9445682f52c7a77c369ecd3b1200fba673eb803993c939e8169d6340929307c42fa139016ca62ec44ad4e79e0bb1e85c
Score

10^/10

metamorpherrat persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Scripting

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

metamorpherratpersistenceratstealertrojan

behavioral2