metamorpherrat | 1ff5cb1c415094eefe90ac3784660193cabc23add29f9c2f1afcecb5d83c8251 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8953190e41bddf9e404fd39162821192
Size

78KB
Sample

240202-mx3lkaechl
MD5

8953190e41bddf9e404fd39162821192
SHA1

1805611fd76c99680429be1d965e1ea1770c3eab
SHA256

1ff5cb1c415094eefe90ac3784660193cabc23add29f9c2f1afcecb5d83c8251
SHA512

82a300ca461042d84e105fc7f9ea999b8740244261d9b98579a447a6824b3fed6c62bb02cf56485e9a9d3614a5037593be11e667d4c10a138941374455e11828
SSDEEP

1536:XStHHrdELT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtLt9/c1sU:XStHLdSE2EwR4uY41HyvYLt9/4

Score

10^/10

metamorpherrat persistence rat stealer trojan

Malware Config

Targets

- Target
  
  8953190e41bddf9e404fd39162821192
- Size
  
  78KB
- MD5
  
  8953190e41bddf9e404fd39162821192
- SHA1
  
  1805611fd76c99680429be1d965e1ea1770c3eab
- SHA256
  
  1ff5cb1c415094eefe90ac3784660193cabc23add29f9c2f1afcecb5d83c8251
- SHA512
  
  82a300ca461042d84e105fc7f9ea999b8740244261d9b98579a447a6824b3fed6c62bb02cf56485e9a9d3614a5037593be11e667d4c10a138941374455e11828
- SSDEEP
  
  1536:XStHHrdELT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtLt9/c1sU:XStHLdSE2EwR4uY41HyvYLt9/4
Score

10^/10

metamorpherrat persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metamorpherratpersistenceratstealertrojan

behavioral2