General
-
Target
fa05c038ef0dc5e87cc5f0cc602caefdeaa99cfc11bfb04b992acd7b3f5332ed
-
Size
78KB
-
Sample
240409-el2k5aea83
-
MD5
e91a02de0b2dc5dbd32526c2ff40c64c
-
SHA1
cd049bff8c73c51cc74e388f9c5fc2811a9add41
-
SHA256
fa05c038ef0dc5e87cc5f0cc602caefdeaa99cfc11bfb04b992acd7b3f5332ed
-
SHA512
4e6268b5f7fa83311e723c62a45c21e61d6c63a6fe560e6ab378b8b9ff13b63f618300a8567967ed0efa75d71f3a8cc2c21296da4dacc390cc58f5909e48038e
-
SSDEEP
1536:TWV5jSgdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC6x9/uO18u:TWV5jSvn7N041Qqhgp9/B
Static task
static1
Behavioral task
behavioral1
Sample
fa05c038ef0dc5e87cc5f0cc602caefdeaa99cfc11bfb04b992acd7b3f5332ed.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
fa05c038ef0dc5e87cc5f0cc602caefdeaa99cfc11bfb04b992acd7b3f5332ed.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
fa05c038ef0dc5e87cc5f0cc602caefdeaa99cfc11bfb04b992acd7b3f5332ed
Score
10/10
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-