General

  • Target

    01ff65b4f7f64b30d1c52c26410bddc33baaf89de9c729dacb310c2aced56b76

  • Size

    78KB

  • Sample

    240407-wqpwkaah72

  • MD5

    340bd3047d05d3ec3338f222fcb790c5

  • SHA1

    a196229ebd7017ac4118096ab11a5747e18fbac6

  • SHA256

    01ff65b4f7f64b30d1c52c26410bddc33baaf89de9c729dacb310c2aced56b76

  • SHA512

    a1befbc483ae40b652d9c5b5c29b8ce29ab4cbee997b39b97758e4637fd560b914dd5e03670c224a5e37239c7576f222538efcfc063f1dc3bcb05bccd2706fe8

  • SSDEEP

    1536:ARWV58Vdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQt96C9/L1CE:ARWV58An7N041Qqhgl9/5

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
