General

  • Target

    e4e21ac17c50da2f69e69596c64ea877_JaffaCakes118

  • Size

    78KB

  • Sample

    240407-n8zjqacc9s

  • MD5

    e4e21ac17c50da2f69e69596c64ea877

  • SHA1

    db27c1242542fe46c44f4ee2e3cbd86b96193c06

  • SHA256

    0b7c2627339d0f0ca50f7dae3f2861e0c98d1bd5f07c5b29b1d7125600cb8c6b

  • SHA512

    1897870b099c454e940940549f71d8538d12fbb2351510f40c06dab59278f959addbb268b13a5a679dd9446ff50d88037dbcf253aa53c1d361795992156d377c

  • SSDEEP

    1536:GtHY6M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQte/9/ik19e:GtHYnhASyRxvhTzXPvCbW2Ue/9/Q

Targets

    • Target

      e4e21ac17c50da2f69e69596c64ea877_JaffaCakes118

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
