General

  • Target

    c3ead0cd7e949eeae49a7e66bc3a8d90474269b9c95549ca539bc79436ca5eb8

  • Size

    78KB

  • Sample

    240409-clhrxaeh4w

  • MD5

    cbf55362823b71f4539742be3679fb71

  • SHA1

    2fdc0726c0147e29d0da90f2e09be3f88713f923

  • SHA256

    c3ead0cd7e949eeae49a7e66bc3a8d90474269b9c95549ca539bc79436ca5eb8

  • SHA512

    5d473920e10cb17e4bbe39afeeaf81266682715428a6ada514e059c23e8ded5977e43b6e0e808b7f0458dc718f5cf50cb047a07add453cf5978c259ac6e66269

  • SSDEEP

    1536:oHY6638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtF9/E1nN:oHY53Ln7N041QqhgF9/A

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
