General
-
Target
f60dd245206ba562e21c7efd91963919327266b6fed236a8326f60e39970c436
-
Size
78KB
-
Sample
220512-avdhfahbel
-
MD5
bc8519c37d03de75548c5fe4cba2bf1a
-
SHA1
e01029a2247c9f81b89fa7baba6ce8f2abacac5e
-
SHA256
f60dd245206ba562e21c7efd91963919327266b6fed236a8326f60e39970c436
-
SHA512
d2b1ce64fcec763ac8c74696cddedd9e29ad7756947945484a4884a67fc01fc7c9ccf1314496be839d16423c4fd700fe869ff9b62758711d663db07bf8813017
Static task
static1
Behavioral task
behavioral1
Sample
f60dd245206ba562e21c7efd91963919327266b6fed236a8326f60e39970c436.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
f60dd245206ba562e21c7efd91963919327266b6fed236a8326f60e39970c436.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
f60dd245206ba562e21c7efd91963919327266b6fed236a8326f60e39970c436
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-