General
-
Target
bbec4bc9ce41bd153e6645a7318ca4e7baee13ca39a6d952bfa08352f9666886
-
Size
78KB
-
Sample
220508-waka5sghck
-
MD5
0076c31673c59cad62f795210aaa96e2
-
SHA1
a819bcca450431310dae5423110c9d227f167327
-
SHA256
bbec4bc9ce41bd153e6645a7318ca4e7baee13ca39a6d952bfa08352f9666886
-
SHA512
cd5ae8b97052e259417b497136bf6da4b3806261d08d78a783fdc530ef09e2777c6360d2756df44dcd6a24978b3dba540a59bea645da57321d9c69335bf8bd9f
Malware Config
Targets
-
-
Target
bbec4bc9ce41bd153e6645a7318ca4e7baee13ca39a6d952bfa08352f9666886
-
Size
78KB
-
MD5
0076c31673c59cad62f795210aaa96e2
-
SHA1
a819bcca450431310dae5423110c9d227f167327
-
SHA256
bbec4bc9ce41bd153e6645a7318ca4e7baee13ca39a6d952bfa08352f9666886
-
SHA512
cd5ae8b97052e259417b497136bf6da4b3806261d08d78a783fdc530ef09e2777c6360d2756df44dcd6a24978b3dba540a59bea645da57321d9c69335bf8bd9f
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-