General

  • Target

    c22eca5cdde3c35ee9e2813ec6b43029c8f397f7e7e75180066304be08d00e25

  • Size

    78KB

  • Sample

    240409-cjpsfaeg7s

  • MD5

    ad5b023298720b5981a4d55ddb1ac6f4

  • SHA1

    78760c6942f86bf7c24be9f6fdfffecf04ab6a9b

  • SHA256

    c22eca5cdde3c35ee9e2813ec6b43029c8f397f7e7e75180066304be08d00e25

  • SHA512

    db3fc5869578a41b7f31495108adc70a00d8f73a748791c99300a54d4b5a4ad340e5dc96b7d7ad849f6621253750e72627be6d843330f578587c0a07250cccdc

  • SSDEEP

    1536:tV58XLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtd689/N31CW:tV587E2EwR4uY41HyvY39/1

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
