Overview

overview

10

Static

static

3

0e7d09487b...ee.exe

windows7-x64

7

0e7d09487b...ee.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    0e7d09487bc7f85b0684d1ed730314ee

  • Size

    78KB

  • Sample

    231225-h75fpacgf9

  • MD5

    0e7d09487bc7f85b0684d1ed730314ee

  • SHA1

    520f6d6981d4733a25501be9a5b70de84058ebfe

  • SHA256

    4c21c4d48f38514250f9ab644a968431894c36098a3ae8f04199b24b1bf6b4a5

  • SHA512

    1922f2efbd35a9a3c566222fb6d3d6fd21e1912e05a5e81e5a83e66dd31bae11e78d06b16b05455995a089758877e498fd296a3663cda32a4facd560be1f2cee

  • SSDEEP

    1536:5e58LLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6U9/TG14e:5e583E2EwR4uY41HyvYM9/T4

Score
10/10
metamorpherratpersistenceratstealertrojan

Malware Config

Targets

    • Target

      0e7d09487bc7f85b0684d1ed730314ee

    • Size

      78KB

    • MD5

      0e7d09487bc7f85b0684d1ed730314ee

    • SHA1

      520f6d6981d4733a25501be9a5b70de84058ebfe

    • SHA256

      4c21c4d48f38514250f9ab644a968431894c36098a3ae8f04199b24b1bf6b4a5

    • SHA512

      1922f2efbd35a9a3c566222fb6d3d6fd21e1912e05a5e81e5a83e66dd31bae11e78d06b16b05455995a089758877e498fd296a3663cda32a4facd560be1f2cee

    • SSDEEP

      1536:5e58LLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6U9/TG14e:5e583E2EwR4uY41HyvYM9/T4

    Score
    10/10
    persistencemetamorpherratratstealertrojan

    • MetamorpherRAT

      Metamorpherrat is a hacking tool that has been around for a while since 2013.

      trojanratstealermetamorpherrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks