General
-
Target
90979312cb120d928164a0e6e921e826f1491a0b5fa82c60307b126e060c4eb0
-
Size
78KB
-
Sample
221023-ltvk4shgan
-
MD5
aa40f7549e3e95321864e35cdda455db
-
SHA1
7724c529780a900aaf3754b762f02dcd37a0877c
-
SHA256
90979312cb120d928164a0e6e921e826f1491a0b5fa82c60307b126e060c4eb0
-
SHA512
344e73d0c57de54dd3e4a8b262602446354127f224f41485b3a567b4f1c9605fad1b0b75f4e2c8d7c88a3d3c518b1fa6992b73168fcfac10ffa430c619e1b8e2
-
SSDEEP
1536:1e58AvZv0kH9gDDtWzYCnJPeoYrGQt36xy9/K1kM:1e58Al0Y9MDYrm7x9/+
Malware Config
Targets
-
-
Target
90979312cb120d928164a0e6e921e826f1491a0b5fa82c60307b126e060c4eb0
-
Size
78KB
-
MD5
aa40f7549e3e95321864e35cdda455db
-
SHA1
7724c529780a900aaf3754b762f02dcd37a0877c
-
SHA256
90979312cb120d928164a0e6e921e826f1491a0b5fa82c60307b126e060c4eb0
-
SHA512
344e73d0c57de54dd3e4a8b262602446354127f224f41485b3a567b4f1c9605fad1b0b75f4e2c8d7c88a3d3c518b1fa6992b73168fcfac10ffa430c619e1b8e2
-
SSDEEP
1536:1e58AvZv0kH9gDDtWzYCnJPeoYrGQt36xy9/K1kM:1e58Al0Y9MDYrm7x9/+
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-