General

  • Target

    d43e10b4f39738f711608efe55db80cf

  • Size

    78KB

  • Sample

    240318-xdarjsgb4t

  • MD5

    d43e10b4f39738f711608efe55db80cf

  • SHA1

    ee82d6ff8cdc432179c21ef964f71e81098c02cf

  • SHA256

    a4ff5b98b2f01d0678bff0de141944d1471ef3d95b1d9e312a2a5bf0ee2462fb

  • SHA512

    8341e61a701c5db30b6e7c901156398a922b2a7b5335c2e7eb76a8231588520d6fa2a7f8607fcfdcadc33f221787657c8abfc8c4d95900a3338247d15c442f10

  • SSDEEP

    1536:dPCHY6JIdXT0XRhyRjVf3HaXOJR0zcEIvCZ1xjs9np/IPioYJbQtS9/PL1QG:dPCHYOINSyRxvHF5vCbxwpI6WS9/P1

Malware Config

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks