General
-
Target
4fe1a1507329a5809758e567869e00db
-
Size
78KB
-
Sample
240409-2hf7caae8v
-
MD5
4fe1a1507329a5809758e567869e00db
-
SHA1
49a4c3136344c7e47cdcdad552ddbdc60cbea2cb
-
SHA256
3a8bbe0c069c3c01368596ca076d29bdb515ccf3a70feb7003419b1c48bc61b2
-
SHA512
64049e07cc0a996cf3fc8f53642fdb6e68b63338afd7771aeba4f4b305e53e6af276401da6b7f2b640ad1d3656d9518833380c277d1173d55356e0969a0be980
-
SSDEEP
1536:G4tHH638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtS9/Z1dl:G4tHa3Ln7N041QqhgS9/H
Static task
static1
Behavioral task
behavioral1
Sample
4fe1a1507329a5809758e567869e00db.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
4fe1a1507329a5809758e567869e00db.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
4fe1a1507329a5809758e567869e00db
-
Size
78KB
-
MD5
4fe1a1507329a5809758e567869e00db
-
SHA1
49a4c3136344c7e47cdcdad552ddbdc60cbea2cb
-
SHA256
3a8bbe0c069c3c01368596ca076d29bdb515ccf3a70feb7003419b1c48bc61b2
-
SHA512
64049e07cc0a996cf3fc8f53642fdb6e68b63338afd7771aeba4f4b305e53e6af276401da6b7f2b640ad1d3656d9518833380c277d1173d55356e0969a0be980
-
SSDEEP
1536:G4tHH638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtS9/Z1dl:G4tHa3Ln7N041QqhgS9/H
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-