General
Target: e4c6f58dd23f7d8de42328c0d7efc696_JaffaCakes118
Size: 78KB
Sample: 240407-m7n6xsbf92
MD5: e4c6f58dd23f7d8de42328c0d7efc696
SHA1: 703843ec5e540fd265b9d741ae9142eb0dfc09e7
SHA256: 7585a46378ada9731344f3512b22d52bb324e20cf08562488371f187c2f30cc1
SHA512: f7b54c893af204832adf1165d7e0fd18e8b6109ad53a69c972f29c91bf7c25a80c048ed8ec8024207fa96651bfe7c2dcbd3af28301d0dd06af3ea694aaf56da9
SSDEEP: 1536:kPy5jSZLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6x9/l1MI:kPy5jSxE2EwR4uY41HyvYp9/l
Static task: static1
Behavioral task: behavioral1
Sample: e4c6f58dd23f7d8de42328c0d7efc696_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: e4c6f58dd23f7d8de42328c0d7efc696_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target
e4c6f58dd23f7d8de42328c0d7efc696_JaffaCakes118
Score: 10/10
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-