General
-
Target
cf0a727b7407810bf9200e55c35569c2816e5f9213dcbc18c778955b5d69dfe8
-
Size
512KB
-
Sample
221012-tvpp9abcbr
-
MD5
7986dfc5ba3a34272aad6b1128d04462
-
SHA1
1f26a98dafa6d33c09b57cc719df618eabe8d830
-
SHA256
cf0a727b7407810bf9200e55c35569c2816e5f9213dcbc18c778955b5d69dfe8
-
SHA512
4582fd8c31f977faf3c815723f77b95406e67de9d5405b20cb8e35586b3cf9deb0de1299779160a88274cc711a82d88dfe235d2e3ef9ea496a336ee6fc4dea80
-
SSDEEP
12288:Ih1Lk70TnvjcM5ez2rZEo2J1nPIs9iQLsRZYqhipVgtPp:Uk70TrcUTrV2J1nWQOce
Malware Config
Targets
-
-
Target
cf0a727b7407810bf9200e55c35569c2816e5f9213dcbc18c778955b5d69dfe8
-
Size
512KB
-
MD5
7986dfc5ba3a34272aad6b1128d04462
-
SHA1
1f26a98dafa6d33c09b57cc719df618eabe8d830
-
SHA256
cf0a727b7407810bf9200e55c35569c2816e5f9213dcbc18c778955b5d69dfe8
-
SHA512
4582fd8c31f977faf3c815723f77b95406e67de9d5405b20cb8e35586b3cf9deb0de1299779160a88274cc711a82d88dfe235d2e3ef9ea496a336ee6fc4dea80
-
SSDEEP
12288:Ih1Lk70TnvjcM5ez2rZEo2J1nPIs9iQLsRZYqhipVgtPp:Uk70TrcUTrV2J1nWQOce
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-