General

  • Target

    c8a5290632bf7cf24d441c6e5fe2c958

  • Size

    78KB

  • Sample

    240314-pxzk1scc61

  • MD5

    c8a5290632bf7cf24d441c6e5fe2c958

  • SHA1

    6812bc07c1d98100d0b49f37b097ee1b1151eea3

  • SHA256

    0238d2e72264c3f0d27138a844504645148afbd5180a97ceaa50c14003bcc249

  • SHA512

    6348d7bdfe8c1a0b957a52570b84dce12785ec5ccb541ac86a50d24b299e827016ef08160130fe9745a9be36c8823178bb456ae513cd15e10a9b98aa4578f41c

  • SSDEEP

    1536:xy5jYdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQt96N9/41LL:xy5jnn7N041Qqhgu9/e

Malware Config

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks