General
-
Target
NEAS.baac9206225f41b4e88956f9151cc840.exe
-
Size
78KB
-
Sample
231101-e3ta3sad5s
-
MD5
baac9206225f41b4e88956f9151cc840
-
SHA1
0a1b700b6cfa809c544b538986b0164a64d97a39
-
SHA256
e8ca724de0fef61db7210c306efd5c7793fb20daa3e17852604574a9a77711d6
-
SHA512
1b89451e85d88bb342c364689e1bbbefdc5caaf56760ec27bd571f8aa42ed9aceb46ce5e4eb85c7b5242692b397b4b0a4744842ac82df4d7b108cb6b3b7cef51
-
SSDEEP
1536:d4V5jSfVdv5wyFppaVs+aYTCgtWzYXxxiMrBnP5oYZNQtC6769/cz1cp:d4V5jSf/vqyA11XYUBxprBPjcj69/H
Malware Config
Targets
-
-
Target
NEAS.baac9206225f41b4e88956f9151cc840.exe
-
Size
78KB
-
MD5
baac9206225f41b4e88956f9151cc840
-
SHA1
0a1b700b6cfa809c544b538986b0164a64d97a39
-
SHA256
e8ca724de0fef61db7210c306efd5c7793fb20daa3e17852604574a9a77711d6
-
SHA512
1b89451e85d88bb342c364689e1bbbefdc5caaf56760ec27bd571f8aa42ed9aceb46ce5e4eb85c7b5242692b397b4b0a4744842ac82df4d7b108cb6b3b7cef51
-
SSDEEP
1536:d4V5jSfVdv5wyFppaVs+aYTCgtWzYXxxiMrBnP5oYZNQtC6769/cz1cp:d4V5jSf/vqyA11XYUBxprBPjcj69/H
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-