General
-
Target
NEAS.a3b6d40629f19f821af82550e96a9e30.exe
-
Size
78KB
-
Sample
231016-w6c7psaf97
-
MD5
a3b6d40629f19f821af82550e96a9e30
-
SHA1
68162fb22be5ad852edc5edf1a1acd4dedf1ce00
-
SHA256
46b99b1cfac5cf8751dcb9df1d9ea38163a9a3651b234b807161b38f27dfb727
-
SHA512
d66dd6549af99d757fd2ecc803e35a6228347eba8c6927b99e3bef7db39ce54615a7cd79c379dfa908eaa3c018bd441a83fb6c1d7544541e6d1d09bf6b4551bf
-
SSDEEP
1536:wPWtHFo6uaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQt1E9/Rb1Dd:wPWtHFoI3DJywQjDgTLopLwdCFJz1E9Z
Malware Config
Targets
-
-
Target
NEAS.a3b6d40629f19f821af82550e96a9e30.exe
-
Size
78KB
-
MD5
a3b6d40629f19f821af82550e96a9e30
-
SHA1
68162fb22be5ad852edc5edf1a1acd4dedf1ce00
-
SHA256
46b99b1cfac5cf8751dcb9df1d9ea38163a9a3651b234b807161b38f27dfb727
-
SHA512
d66dd6549af99d757fd2ecc803e35a6228347eba8c6927b99e3bef7db39ce54615a7cd79c379dfa908eaa3c018bd441a83fb6c1d7544541e6d1d09bf6b4551bf
-
SSDEEP
1536:wPWtHFo6uaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQt1E9/Rb1Dd:wPWtHFoI3DJywQjDgTLopLwdCFJz1E9Z
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-