metamorpherrat | 334f3a75f0cc54502feb4db16268b251d20d463b8091b6293ccaec170b928c5c | Triage

Sharing

General

Target

334f3a75f0cc54502feb4db16268b251d20d463b8091b6293ccaec170b928c5c
Size

78KB
Sample

220326-r41g1aadhk
MD5

03fd2810eaead974fb3a52f2104661a4
SHA1

8aaa60613f7d656eac7b2945d863bff3062f3f95
SHA256

334f3a75f0cc54502feb4db16268b251d20d463b8091b6293ccaec170b928c5c
SHA512

d5ba4601c8bc2b45733fdf9e6267a773e49e482096ad210f2f551ebd2659703d0e42af35aa15444ff50c543cb61238656ec4096dee9b8f76fa7e52cdb7b3b2cb

Score

10^/10

metamorpherrat persistence rat stealer suricata trojan

Malware Config

Targets

- Target
  
  334f3a75f0cc54502feb4db16268b251d20d463b8091b6293ccaec170b928c5c
- Size
  
  78KB
- MD5
  
  03fd2810eaead974fb3a52f2104661a4
- SHA1
  
  8aaa60613f7d656eac7b2945d863bff3062f3f95
- SHA256
  
  334f3a75f0cc54502feb4db16268b251d20d463b8091b6293ccaec170b928c5c
- SHA512
  
  d5ba4601c8bc2b45733fdf9e6267a773e49e482096ad210f2f551ebd2659703d0e42af35aa15444ff50c543cb61238656ec4096dee9b8f76fa7e52cdb7b3b2cb
Score

10^/10

metamorpherrat persistence rat stealer suricata trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
  suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
  suricata
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Scripting

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

metamorpherratpersistenceratstealersuricatatrojan

behavioral2