General
-
Target
d9812bb6700c46fe3194bcdc4ab101abf29cb318b7d2212b85d38ae910c23db6
-
Size
78KB
-
Sample
220606-2hlf3acge8
-
MD5
bca232d75b22ea2eb38d8875fdba585c
-
SHA1
1b0721050bf6d2d208deb945f7cac8ff28e5c35a
-
SHA256
d9812bb6700c46fe3194bcdc4ab101abf29cb318b7d2212b85d38ae910c23db6
-
SHA512
6f70e3c4fa7ee9ec8277c07d656e9be7bbdde8f302d844f56ab106ca176470d300af636bc07cdfb128f3e835d8155ccf7bd0525e09b2fd47982263817a1faf5f
Malware Config
Targets
-
-
Target
d9812bb6700c46fe3194bcdc4ab101abf29cb318b7d2212b85d38ae910c23db6
-
Size
78KB
-
MD5
bca232d75b22ea2eb38d8875fdba585c
-
SHA1
1b0721050bf6d2d208deb945f7cac8ff28e5c35a
-
SHA256
d9812bb6700c46fe3194bcdc4ab101abf29cb318b7d2212b85d38ae910c23db6
-
SHA512
6f70e3c4fa7ee9ec8277c07d656e9be7bbdde8f302d844f56ab106ca176470d300af636bc07cdfb128f3e835d8155ccf7bd0525e09b2fd47982263817a1faf5f
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-