General

  • Target

    59e4d7381bc4f6fb0ecab5dae0ea4524

  • Size

    78KB

  • Sample

    231226-hbwhxafdfn

  • MD5

    59e4d7381bc4f6fb0ecab5dae0ea4524

  • SHA1

    ff2069e6e43edbbcfdb1d3af7dea764b7cddacec

  • SHA256

    3ac8676a1a323bf1b9346c002e4cc9e67b976d16607ff85b95ef1ae7e0774830

  • SHA512

    f1479b03154d3bfbfefd8bdafc9901b358899e1ae53d4d9c31057ad154c39078fad54fecc6348c64a697e20f9163a3eeb5003ee2945d06bbff47d8b752e270c6

  • SSDEEP

    1536:buHY6M3xXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQteR9/+R1rI:buHYn3xSyRxvY3md+dWWZyeR9/+Y

Targets

    • Target

      59e4d7381bc4f6fb0ecab5dae0ea4524

    • Size

      78KB

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
