General

  • Target

    e962fd27a0e66830e2f6697e3c263cb1_JaffaCakes118

  • Size

    78KB

  • Sample

    240409-gp47jabf9t

  • MD5

    e962fd27a0e66830e2f6697e3c263cb1

  • SHA1

    3708b9d254841f47b1ae61897f3a6991ed955a4c

  • SHA256

    b67841f190d5eefa0af36bffcf65ac83f994479d912d50bc71ffa314d07236c9

  • SHA512

    4f3a35fc80c37c495a2ffddc3f0a23c46f81761ba00a355c039f99fbf4a6f399f14b90551487c064f798fdf79bde272f791792f685f636f587000609b8f8ced8

  • SSDEEP

    1536:0PWtHFo6M3xXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtV9/n1J7:0PWtHFon3xSyRxvY3md+dWWZyV9/j

Targets

    • Target

      e962fd27a0e66830e2f6697e3c263cb1_JaffaCakes118

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
