General

  • Target

    df701323ada033b1405f7dc1c94a8438144f5dd346363b4de0533388dfc6d239

  • Size

    78KB

  • Sample

    240407-cfd7jaae49

  • MD5

    362062fc81dbcf7acdc966c4c4782c89

  • SHA1

    1463774dddf697f25f29f71a4da06a464fd30e78

  • SHA256

    df701323ada033b1405f7dc1c94a8438144f5dd346363b4de0533388dfc6d239

  • SHA512

    51a97da64da06d46e24a31d6558954ee7630b99552b115d16f1d8b2b59db8ae46b5e8e5e79419af746b924f3b024e55f78ba9b0e4c3f0c1e0d36af9a76496dce

  • SSDEEP

    1536:zWtHF3638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtes9/Y1Um:zWtHFq3Ln7N041Qqhges9/e

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
