General

  • Target

    087127699707ac6a2ed047227ed0c909

  • Size

    78KB

  • Sample

    231230-aptx8sahc5

  • MD5

    087127699707ac6a2ed047227ed0c909

  • SHA1

    b587c245978c2a67cb934501a2f9b54adf6d2a39

  • SHA256

    aa8deb75c9f50318e05c4f7d9899d9ce5071da30d4f4e63070ec501bbb25651d

  • SHA512

    3fc626feb40f5c538a13b6e630639861c9d525bf6d01d28c8a75fd6a9de6aa819ed462efa5f0a908fb5b278b4b5d58ac0f19f2d17b11cd0ef9cb79e52efe7b86

  • SSDEEP

    1536:Ac5jSYLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6E9/hb1yH:Ac5jS+E2EwR4uY41HyvYM9/w

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
