General
-
Target
NEAS.49a58653f1251ed9e02f49d3c142c520.exe
-
Size
78KB
-
Sample
231028-yl9fhsfd8z
-
MD5
49a58653f1251ed9e02f49d3c142c520
-
SHA1
652ccbcb74bb76164f835bf5b96b10b6665d913b
-
SHA256
7696a1134f6db4f180f3cc7bac0899c9e07707d32b26b2033e759de4552a7136
-
SHA512
98b75cf3bb4c5f5ccf32229869028f579e49a645d0f0c51abf12d34a1355e0e2b561db85cd72c164900888d89c2ec49c0c4a030c167db48a959676f240be4ff2
-
SSDEEP
1536:l5jSDXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtN6z9/uD1I6:l5jSzSyRxvY3md+dWWZyU9/i
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.49a58653f1251ed9e02f49d3c142c520.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.49a58653f1251ed9e02f49d3c142c520.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
NEAS.49a58653f1251ed9e02f49d3c142c520.exe
-
Size
78KB
-
MD5
49a58653f1251ed9e02f49d3c142c520
-
SHA1
652ccbcb74bb76164f835bf5b96b10b6665d913b
-
SHA256
7696a1134f6db4f180f3cc7bac0899c9e07707d32b26b2033e759de4552a7136
-
SHA512
98b75cf3bb4c5f5ccf32229869028f579e49a645d0f0c51abf12d34a1355e0e2b561db85cd72c164900888d89c2ec49c0c4a030c167db48a959676f240be4ff2
-
SSDEEP
1536:l5jSDXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtN6z9/uD1I6:l5jSzSyRxvY3md+dWWZyU9/i
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-