General
-
Target
6a915f4d83626cf9f7c419dd57451f3c1f123f1eb82fce11b5bd62ab7c5dc94d
-
Size
78KB
-
Sample
221113-qret4aed61
-
MD5
abc3226e9fd2606a3a3d6568c2a717bf
-
SHA1
62d6486d7d04639445f90eb9943fa9b0a3e1222e
-
SHA256
6a915f4d83626cf9f7c419dd57451f3c1f123f1eb82fce11b5bd62ab7c5dc94d
-
SHA512
f81bc5d0351603378ef52babdaa51571db6990bdd929cdb388e9c4a53642d6203619ca94f5144c8bda1b9992c18b8cde89de2a0bbd9bc327b4e1894a41d64438
-
SSDEEP
1536:g5jidy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC689/d1hM:g5j9n7N041QqhgE9/G
Malware Config
Targets
-
-
Target
6a915f4d83626cf9f7c419dd57451f3c1f123f1eb82fce11b5bd62ab7c5dc94d
-
Size
78KB
-
MD5
abc3226e9fd2606a3a3d6568c2a717bf
-
SHA1
62d6486d7d04639445f90eb9943fa9b0a3e1222e
-
SHA256
6a915f4d83626cf9f7c419dd57451f3c1f123f1eb82fce11b5bd62ab7c5dc94d
-
SHA512
f81bc5d0351603378ef52babdaa51571db6990bdd929cdb388e9c4a53642d6203619ca94f5144c8bda1b9992c18b8cde89de2a0bbd9bc327b4e1894a41d64438
-
SSDEEP
1536:g5jidy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC689/d1hM:g5j9n7N041QqhgE9/G
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-