General

  • Target

    b96a6b4537fb7c37859a9bcd84b7c6a2d4c11ac5f9f65fd346e54d4796490de8

  • Size

    78KB

  • Sample

    220329-yx578seggr

  • MD5

    001721e21781c4956338df32b3462aca

  • SHA1

    35bcfe73f9c9e16a9bea8b5ba29343a63ca6f442

  • SHA256

    b96a6b4537fb7c37859a9bcd84b7c6a2d4c11ac5f9f65fd346e54d4796490de8

  • SHA512

    26f4c06effae57c06dba35172ba78cad3d65e5fbb159765de2546608655a32b5297575ed7915e821370440c2dba9c778fb92d45e140f1c13accce9ecd35f16f0

Malware Config

Targets

    • Target

      b96a6b4537fb7c37859a9bcd84b7c6a2d4c11ac5f9f65fd346e54d4796490de8

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Uses the VBS compiler for execution

MITRE ATT&CK Matrix (ATT&CK v6)

  • Execution

    Scripting (T1064): 1

  • Defense Evasion

    Scripting (T1064): 1

  • Discovery

    System Information Discovery (T1082): 1

Tasks