General
-
Target
HEUR-Trojan.Win32.Generic-f3d4c4142c30851be34e84e9329b4b4aa2f1232bec7ed1e44a7829237b336541.exe
-
Size
78KB
-
Sample
221228-lb9mbaaa85
-
MD5
c81293ebc99a7ae9d05ce8578d706985
-
SHA1
8e2fca3d280fa5d20da7313a60dc73c32cdfcadb
-
SHA256
f3d4c4142c30851be34e84e9329b4b4aa2f1232bec7ed1e44a7829237b336541
-
SHA512
295e5d1e6c46695bea6fb73249d8f92c72893ba5af76b782dcd0ded37df389e803c8812465053961d48665a0676b8697428ca5ed8dfd69e5f69b5cff8c04f5f8
-
SSDEEP
1536:KRWV5j+dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQt96jT9/Kf1Gpg:KRWV5jJn7N041Qqhg6T9/3m
Malware Config
Targets
-
-
Target
HEUR-Trojan.Win32.Generic-f3d4c4142c30851be34e84e9329b4b4aa2f1232bec7ed1e44a7829237b336541.exe
-
Size
78KB
-
MD5
c81293ebc99a7ae9d05ce8578d706985
-
SHA1
8e2fca3d280fa5d20da7313a60dc73c32cdfcadb
-
SHA256
f3d4c4142c30851be34e84e9329b4b4aa2f1232bec7ed1e44a7829237b336541
-
SHA512
295e5d1e6c46695bea6fb73249d8f92c72893ba5af76b782dcd0ded37df389e803c8812465053961d48665a0676b8697428ca5ed8dfd69e5f69b5cff8c04f5f8
-
SSDEEP
1536:KRWV5j+dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQt96jT9/Kf1Gpg:KRWV5jJn7N041Qqhg6T9/3m
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-