General
-
Target
NEAS.0f5b04c0ffe3189f7f3ef85f9013b080.exe
-
Size
78KB
-
Sample
231024-z452gsah4z
-
MD5
0f5b04c0ffe3189f7f3ef85f9013b080
-
SHA1
fcf188f36ae97d3c844597b1a58e2321208a839e
-
SHA256
071ed15cb28ab595c6605506a7cb12cd407d0e28033551b10fdbd5c1a2006c57
-
SHA512
f640d442922d00c6bf70b95ac3507c7fc5905be566fa0cf702bf157619da9abb0c8185c79fd5b3a0cf7018ed1ce46b229ec58cea4f0cb5b081b648eaaf1691a9
-
SSDEEP
1536:bzWV5+Vdv5wyFppaVs+aYTCgtWzYXxxiMrBnP5oYZNQt961k9/Y1yaB:3WV5+/vqyA11XYUBxprBPjcGk9/V2
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.0f5b04c0ffe3189f7f3ef85f9013b080.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.0f5b04c0ffe3189f7f3ef85f9013b080.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
NEAS.0f5b04c0ffe3189f7f3ef85f9013b080.exe
-
Size
78KB
-
MD5
0f5b04c0ffe3189f7f3ef85f9013b080
-
SHA1
fcf188f36ae97d3c844597b1a58e2321208a839e
-
SHA256
071ed15cb28ab595c6605506a7cb12cd407d0e28033551b10fdbd5c1a2006c57
-
SHA512
f640d442922d00c6bf70b95ac3507c7fc5905be566fa0cf702bf157619da9abb0c8185c79fd5b3a0cf7018ed1ce46b229ec58cea4f0cb5b081b648eaaf1691a9
-
SSDEEP
1536:bzWV5+Vdv5wyFppaVs+aYTCgtWzYXxxiMrBnP5oYZNQt961k9/Y1yaB:3WV5+/vqyA11XYUBxprBPjcGk9/V2
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-