Overview

overview

10

Static

static

3

18fc39d56b...ce.exe

windows7-x64

10

18fc39d56b...ce.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    18fc39d56b5c72e4ec17822def7240ce

  • Size

    78KB

  • Sample

    231230-p1nb6abfbp

  • MD5

    18fc39d56b5c72e4ec17822def7240ce

  • SHA1

    4ade4546ec1f91d554a12b89a3f11f3ef0e09115

  • SHA256

    ddaa33ae22f7eec2f52aa4abbfd9e35f700f48dc09d49047989f5c619f1acb0a

  • SHA512

    a3ab9d03374b19cca67f8b1cf8c9502e669a83bfcb421057ff3d00d1aae833323d81b107c5fff9bc8c70475226b5067e38e2fd85d83da3ac0ca7f51f9fadd53c

  • SSDEEP

    1536:euHY6M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQte79/f1/k:euHYnhASyRxvhTzXPvCbW2Ue79/S

Score
10/10
metamorpherratpersistenceratstealertrojan

Malware Config

Targets

    • Target

      18fc39d56b5c72e4ec17822def7240ce

    • Size

      78KB

    • MD5

      18fc39d56b5c72e4ec17822def7240ce

    • SHA1

      4ade4546ec1f91d554a12b89a3f11f3ef0e09115

    • SHA256

      ddaa33ae22f7eec2f52aa4abbfd9e35f700f48dc09d49047989f5c619f1acb0a

    • SHA512

      a3ab9d03374b19cca67f8b1cf8c9502e669a83bfcb421057ff3d00d1aae833323d81b107c5fff9bc8c70475226b5067e38e2fd85d83da3ac0ca7f51f9fadd53c

    • SSDEEP

      1536:euHY6M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQte79/f1/k:euHYnhASyRxvhTzXPvCbW2Ue79/S

    Score
    10/10
    metamorpherratpersistenceratstealertrojan

    • MetamorpherRAT

      Metamorpherrat is a hacking tool that has been around for a while since 2013.

      trojanratstealermetamorpherrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks