metamorpherrat | a934d3d92d578ac199163520f6cce02c4bcb8c69dc24875423aa40e80ee57142 | Triage

Sharing

General

Target

a934d3d92d578ac199163520f6cce02c4bcb8c69dc24875423aa40e80ee57142
Size

78KB
Sample

220329-16rsbacad2
MD5

045ced2344efb14fcef530861ead08a7
SHA1

58a75af26248e317fd3308f79aaf9305a367e011
SHA256

a934d3d92d578ac199163520f6cce02c4bcb8c69dc24875423aa40e80ee57142
SHA512

aede945d511d85b8b170554560f1d3ef92982cfde35f3d6e634798412fbbc0fd190a32bf53cd0fa954d080f675f24459b0dc294d92bdb0ac15bcea3f6529961f

Score

10^/10

metamorpherrat persistence rat stealer trojan

Malware Config

Targets

- Target
  
  a934d3d92d578ac199163520f6cce02c4bcb8c69dc24875423aa40e80ee57142
- Size
  
  78KB
- MD5
  
  045ced2344efb14fcef530861ead08a7
- SHA1
  
  58a75af26248e317fd3308f79aaf9305a367e011
- SHA256
  
  a934d3d92d578ac199163520f6cce02c4bcb8c69dc24875423aa40e80ee57142
- SHA512
  
  aede945d511d85b8b170554560f1d3ef92982cfde35f3d6e634798412fbbc0fd190a32bf53cd0fa954d080f675f24459b0dc294d92bdb0ac15bcea3f6529961f
Score

10^/10

metamorpherrat persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Scripting

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

metamorpherratpersistenceratstealertrojan

behavioral2