metamorpherrat | e847c40adccf6111b9c216082650f7c973dfc7aa3369f02a4e64eea61cdea509 | Triage

Sharing

General

Target

e847c40adccf6111b9c216082650f7c973dfc7aa3369f02a4e64eea61cdea509
Size

78KB
Sample

220326-vpdw8sfcd3
MD5

a84881aebc96451fdf83bb9193f1ba64
SHA1

2ffa74fbd36f182e5fa13354ed5ec4eb57672f83
SHA256

e847c40adccf6111b9c216082650f7c973dfc7aa3369f02a4e64eea61cdea509
SHA512

90456e8ef08e29483ce67d37b396727f20bccc669213118d34886167125aa53c2bb76a6a58cffb27d8354a31ebf152c2423719c7f7a74ed7ea096d071038ddff

Score

10^/10

metamorpherrat persistence rat stealer trojan

Malware Config

Targets

- Target
  
  e847c40adccf6111b9c216082650f7c973dfc7aa3369f02a4e64eea61cdea509
- Size
  
  78KB
- MD5
  
  a84881aebc96451fdf83bb9193f1ba64
- SHA1
  
  2ffa74fbd36f182e5fa13354ed5ec4eb57672f83
- SHA256
  
  e847c40adccf6111b9c216082650f7c973dfc7aa3369f02a4e64eea61cdea509
- SHA512
  
  90456e8ef08e29483ce67d37b396727f20bccc669213118d34886167125aa53c2bb76a6a58cffb27d8354a31ebf152c2423719c7f7a74ed7ea096d071038ddff
Score

10^/10

metamorpherrat persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Scripting

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

metamorpherratpersistenceratstealertrojan

behavioral2