General
-
Target
0f88ee7284475cc452ae1ad91f042d0cee8599d5617227878f4f87e2af8a9ddf
-
Size
78KB
-
Sample
220509-ajm8haeber
-
MD5
049706e8f7a0c6b01a311664a87d2e36
-
SHA1
3cfb3a3d7601c6f47699da99f8d50069489934e0
-
SHA256
0f88ee7284475cc452ae1ad91f042d0cee8599d5617227878f4f87e2af8a9ddf
-
SHA512
88dbbbeb8b2f982fff0d91266e9e61bac07b8bb7ae1ad0dfb0af7bb81ee16387c6a55cc4512c48a10d1a8d695c53d8c012315c18eda37f66ce4d876349245588
Malware Config
Targets
-
-
Target
0f88ee7284475cc452ae1ad91f042d0cee8599d5617227878f4f87e2af8a9ddf
-
Size
78KB
-
MD5
049706e8f7a0c6b01a311664a87d2e36
-
SHA1
3cfb3a3d7601c6f47699da99f8d50069489934e0
-
SHA256
0f88ee7284475cc452ae1ad91f042d0cee8599d5617227878f4f87e2af8a9ddf
-
SHA512
88dbbbeb8b2f982fff0d91266e9e61bac07b8bb7ae1ad0dfb0af7bb81ee16387c6a55cc4512c48a10d1a8d695c53d8c012315c18eda37f66ce4d876349245588
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-