metamorpherrat | 217fec3dfad9aec6d8aed3168dfaabfd275117e2fce08be8d362a0565ab9b4cc | Triage

Sharing

General

Target

217fec3dfad9aec6d8aed3168dfaabfd275117e2fce08be8d362a0565ab9b4cc
Size

78KB
Sample

220330-k6h76sbba4
MD5

01512058be0a28a400ad3b3c8f7a8cd4
SHA1

b0c69acd1f534724b97b3cf10459cfb30c24d14e
SHA256

217fec3dfad9aec6d8aed3168dfaabfd275117e2fce08be8d362a0565ab9b4cc
SHA512

d957f42c463568fab2d5e11dd723b4347d6883623261fde4481ccb01013207556c0cfe486045c89635f266f9c39edd51ba635592f6a4f324e651f45f5194b02e

Score

10^/10

metamorpherrat persistence rat stealer trojan

Malware Config

Targets

- Target
  
  217fec3dfad9aec6d8aed3168dfaabfd275117e2fce08be8d362a0565ab9b4cc
- Size
  
  78KB
- MD5
  
  01512058be0a28a400ad3b3c8f7a8cd4
- SHA1
  
  b0c69acd1f534724b97b3cf10459cfb30c24d14e
- SHA256
  
  217fec3dfad9aec6d8aed3168dfaabfd275117e2fce08be8d362a0565ab9b4cc
- SHA512
  
  d957f42c463568fab2d5e11dd723b4347d6883623261fde4481ccb01013207556c0cfe486045c89635f266f9c39edd51ba635592f6a4f324e651f45f5194b02e
Score

10^/10

metamorpherrat persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Scripting

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

metamorpherratpersistenceratstealertrojan

behavioral2