General

  • Target

    e4c6f58dd23f7d8de42328c0d7efc696_JaffaCakes118

  • Size

    78KB

  • Sample

    240407-m7n6xsbf92

  • MD5

    e4c6f58dd23f7d8de42328c0d7efc696

  • SHA1

    703843ec5e540fd265b9d741ae9142eb0dfc09e7

  • SHA256

    7585a46378ada9731344f3512b22d52bb324e20cf08562488371f187c2f30cc1

  • SHA512

    f7b54c893af204832adf1165d7e0fd18e8b6109ad53a69c972f29c91bf7c25a80c048ed8ec8024207fa96651bfe7c2dcbd3af28301d0dd06af3ea694aaf56da9

  • SSDEEP

    1536:kPy5jSZLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6x9/l1MI:kPy5jSxE2EwR4uY41HyvYp9/l

Targets

    • Target

      e4c6f58dd23f7d8de42328c0d7efc696_JaffaCakes118

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
