General
-
Target
NEAS.9850c407d71628fbf2eb2737829ac270.exe
-
Size
78KB
-
Sample
231101-rkljqsea3x
-
MD5
9850c407d71628fbf2eb2737829ac270
-
SHA1
e95af7392ab7ef21c52d4ec879dc270bed63c0c9
-
SHA256
4822e0a174993ea5470d289467f9fc055ebb48a0140c9d1269a5bf0e510b644b
-
SHA512
9802a2e9b1787c5ebcddc8939477d57b51a4fc26ce8753b91cdc03de1b49eb66170ae1009c4d87a8abd1dedcf5c89a2ef8e23c460b65fad1f5bd28da8685b017
-
SSDEEP
1536:ZRy5jJXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtC6DS9/Y1pC:ZRy5j5SyRxvY3md+dWWZybS9/h
Malware Config
Targets
-
-
Target
NEAS.9850c407d71628fbf2eb2737829ac270.exe
-
Size
78KB
-
MD5
9850c407d71628fbf2eb2737829ac270
-
SHA1
e95af7392ab7ef21c52d4ec879dc270bed63c0c9
-
SHA256
4822e0a174993ea5470d289467f9fc055ebb48a0140c9d1269a5bf0e510b644b
-
SHA512
9802a2e9b1787c5ebcddc8939477d57b51a4fc26ce8753b91cdc03de1b49eb66170ae1009c4d87a8abd1dedcf5c89a2ef8e23c460b65fad1f5bd28da8685b017
-
SSDEEP
1536:ZRy5jJXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtC6DS9/Y1pC:ZRy5j5SyRxvY3md+dWWZybS9/h
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-