General

  • Target

    6497ad6c56bec7351706fc32f2011cc5

  • Size

    78KB

  • Sample

    240118-f7yxssdecq

  • MD5

    6497ad6c56bec7351706fc32f2011cc5

  • SHA1

    fd74ef572c25c17d4863b5e471f2171b05a494d6

  • SHA256

    9634a37bfde24cbe5d8c12ae7c998e7bcd0b414ca42c875cb9ed2d4d1ec5e9f4

  • SHA512

    79e53315c5592b8651ae33cc17dbbea4f35526cc0aadd03622c50f40c0afb5568e90be954f14b5836c75505b84bcbfe376756ecb50e5a9febb313f691a336924

  • SSDEEP

    1536:m4tHY6M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQt+9//1KY:m4tHYnhASyRxvhTzXPvCbW2U+9/x

Malware Config

Targets

    • Target

      6497ad6c56bec7351706fc32f2011cc5

    • Size

      78KB

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks