General
-
Target
d43e10b4f39738f711608efe55db80cf
-
Size
78KB
-
Sample
240318-xdarjsgb4t
-
MD5
d43e10b4f39738f711608efe55db80cf
-
SHA1
ee82d6ff8cdc432179c21ef964f71e81098c02cf
-
SHA256
a4ff5b98b2f01d0678bff0de141944d1471ef3d95b1d9e312a2a5bf0ee2462fb
-
SHA512
8341e61a701c5db30b6e7c901156398a922b2a7b5335c2e7eb76a8231588520d6fa2a7f8607fcfdcadc33f221787657c8abfc8c4d95900a3338247d15c442f10
-
SSDEEP
1536:dPCHY6JIdXT0XRhyRjVf3HaXOJR0zcEIvCZ1xjs9np/IPioYJbQtS9/PL1QG:dPCHYOINSyRxvHF5vCbxwpI6WS9/P1
Static task
static1
Behavioral task
behavioral1
Sample
d43e10b4f39738f711608efe55db80cf.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d43e10b4f39738f711608efe55db80cf.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
d43e10b4f39738f711608efe55db80cf
Score
10/10
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-