General

  • Target

    4fe1a1507329a5809758e567869e00db

  • Size

    78KB

  • Sample

    240409-2hf7caae8v

  • MD5

    4fe1a1507329a5809758e567869e00db

  • SHA1

    49a4c3136344c7e47cdcdad552ddbdc60cbea2cb

  • SHA256

    3a8bbe0c069c3c01368596ca076d29bdb515ccf3a70feb7003419b1c48bc61b2

  • SHA512

    64049e07cc0a996cf3fc8f53642fdb6e68b63338afd7771aeba4f4b305e53e6af276401da6b7f2b640ad1d3656d9518833380c277d1173d55356e0969a0be980

  • SSDEEP

    1536:G4tHH638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtS9/Z1dl:G4tHa3Ln7N041QqhgS9/H

Malware Config

Targets

    • Target

      4fe1a1507329a5809758e567869e00db

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks