General

  • Target

    bb54225c23d52ba823f738badc4590947be7cc8fee5d98a18a1948b2ac99bbb4

  • Size

    78KB

  • Sample

    240409-b5vp5seb21

  • MD5

    bc5e5cc2596b61fc49a8e4c67d8c0c73

  • SHA1

    37958af8225c7636d45fcd366226a104fd26041b

  • SHA256

    bb54225c23d52ba823f738badc4590947be7cc8fee5d98a18a1948b2ac99bbb4

  • SHA512

    e2a574ea0080ba0408d7b421cb68c8c952db117989c0733a5e2c52f7632ac10b1384ab4db3c1257c5dc4cebf22819053e8c2e3a9b217224ca278353c30614bd7

  • SSDEEP

    1536:TWtHH638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtei9/J172:TWtHa3Ln7N041Qqhgei9/2

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
