General
-
Target
852c2b9cbfcf416bc8c0d770fd7e1cb7af517c208f1e02bedbf1ab2ac6c7f18a
-
Size
78KB
-
Sample
221023-hvaesahaa5
-
MD5
ffc69516a66858e500dcc05a39fa3d78
-
SHA1
806791dd76c2419e5c1ee1c61f661babf2d2bb83
-
SHA256
852c2b9cbfcf416bc8c0d770fd7e1cb7af517c208f1e02bedbf1ab2ac6c7f18a
-
SHA512
fa1e052c94236ffdcecadce525a29af2fa6fa6eb48b03f6e9254e1ca36a88ec7c3c7dddbd1e9bce5d4338da5da164870408f03a14111577ad2702fb2fe2ed081
-
SSDEEP
1536:cRy58MpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtd69v9/S1Zm:cRy58iJywQjDgTLopLwdCFJz+v9/D
Static task
static1
Behavioral task
behavioral1
Sample
852c2b9cbfcf416bc8c0d770fd7e1cb7af517c208f1e02bedbf1ab2ac6c7f18a.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
852c2b9cbfcf416bc8c0d770fd7e1cb7af517c208f1e02bedbf1ab2ac6c7f18a.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
852c2b9cbfcf416bc8c0d770fd7e1cb7af517c208f1e02bedbf1ab2ac6c7f18a
-
Score
10/10
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-