metamorpherrat | 75028b8f62067e103aeda12fb97b3f99404e7a9a12bbb4525e3e3a8f9fbe5f3f | Triage

Sharing

General

Target

75028b8f62067e103aeda12fb97b3f99404e7a9a12bbb4525e3e3a8f9fbe5f3f
Size

78KB
Sample

220330-eazx6affe9
MD5

00b01e3ae42a148b96973f119918429e
SHA1

6c07708b750ff2e650ab3845544b138b65a597c4
SHA256

75028b8f62067e103aeda12fb97b3f99404e7a9a12bbb4525e3e3a8f9fbe5f3f
SHA512

899d5fabfa77d237e533615b10bd659965ffd212f015e6a8dbf6bd729a0c0b0af29a05db41721182987ffdd8dd1be72cb352577c53baf12fd49280fe62b338a0

Score

10^/10

metamorpherrat persistence rat stealer trojan

Malware Config

Targets

- Target
  
  75028b8f62067e103aeda12fb97b3f99404e7a9a12bbb4525e3e3a8f9fbe5f3f
- Size
  
  78KB
- MD5
  
  00b01e3ae42a148b96973f119918429e
- SHA1
  
  6c07708b750ff2e650ab3845544b138b65a597c4
- SHA256
  
  75028b8f62067e103aeda12fb97b3f99404e7a9a12bbb4525e3e3a8f9fbe5f3f
- SHA512
  
  899d5fabfa77d237e533615b10bd659965ffd212f015e6a8dbf6bd729a0c0b0af29a05db41721182987ffdd8dd1be72cb352577c53baf12fd49280fe62b338a0
Score

10^/10

metamorpherrat persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Scripting

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

metamorpherratpersistenceratstealertrojan

behavioral2