General
-
Target
e962fd27a0e66830e2f6697e3c263cb1_JaffaCakes118
-
Size
78KB
-
Sample
240409-gp47jabf9t
-
MD5
e962fd27a0e66830e2f6697e3c263cb1
-
SHA1
3708b9d254841f47b1ae61897f3a6991ed955a4c
-
SHA256
b67841f190d5eefa0af36bffcf65ac83f994479d912d50bc71ffa314d07236c9
-
SHA512
4f3a35fc80c37c495a2ffddc3f0a23c46f81761ba00a355c039f99fbf4a6f399f14b90551487c064f798fdf79bde272f791792f685f636f587000609b8f8ced8
-
SSDEEP
1536:0PWtHFo6M3xXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtV9/n1J7:0PWtHFon3xSyRxvY3md+dWWZyV9/j
Static task
static1
Behavioral task
behavioral1
Sample
e962fd27a0e66830e2f6697e3c263cb1_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e962fd27a0e66830e2f6697e3c263cb1_JaffaCakes118.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
e962fd27a0e66830e2f6697e3c263cb1_JaffaCakes118
-
Size
78KB
-
MD5
e962fd27a0e66830e2f6697e3c263cb1
-
SHA1
3708b9d254841f47b1ae61897f3a6991ed955a4c
-
SHA256
b67841f190d5eefa0af36bffcf65ac83f994479d912d50bc71ffa314d07236c9
-
SHA512
4f3a35fc80c37c495a2ffddc3f0a23c46f81761ba00a355c039f99fbf4a6f399f14b90551487c064f798fdf79bde272f791792f685f636f587000609b8f8ced8
-
SSDEEP
1536:0PWtHFo6M3xXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtV9/n1J7:0PWtHFon3xSyRxvY3md+dWWZyV9/j
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-