General
-
Target
712561619bc576935f48a174bdc630cd1d08348714551c1edc1ac11578f2307a
-
Size
78KB
-
Sample
220516-n79nasafd9
-
MD5
047e2b220274efec3654b82f56552676
-
SHA1
3df7a72f37c4ad0b94ecfa4e83071cbcd6271235
-
SHA256
712561619bc576935f48a174bdc630cd1d08348714551c1edc1ac11578f2307a
-
SHA512
7d3b0897b4be725ede778dd16f682a6886773a9eddc1847dfbd5ef177a8a627bf9c0d00acf83d0367c44a702ba8587708fdcef41b72628a6c1df6569b98a1b07
Static task
static1
Behavioral task
behavioral1
Sample
712561619bc576935f48a174bdc630cd1d08348714551c1edc1ac11578f2307a.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
712561619bc576935f48a174bdc630cd1d08348714551c1edc1ac11578f2307a.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
712561619bc576935f48a174bdc630cd1d08348714551c1edc1ac11578f2307a
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-