General
-
Target
1b8daf3e4c9c5407447c3c96e0b0ed7b
-
Size
78KB
-
Sample
240410-gd9mwaeb76
-
MD5
1b8daf3e4c9c5407447c3c96e0b0ed7b
-
SHA1
9aa2c07c95e0f22a356c71e7fbcc029f6310ebcb
-
SHA256
37dd69272c8cb247c3bb56283a9a786cc5cde3abaefcfead2067f81106f64d4e
-
SHA512
7f91ddebfefe6fd82f89df332f302aa540717f8eee2e728d3cef43996c664ad95d4f468981abd266610dab5b0e711dd546a88bb27ba1db9214a68df8f20387d9
-
SSDEEP
1536:sPy5jSBXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtN639/0N1hX:sPy5jSBSyRxvhTzXPvCbW2UQ9/i
Static task
static1
Behavioral task
behavioral1
Sample
1b8daf3e4c9c5407447c3c96e0b0ed7b.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1b8daf3e4c9c5407447c3c96e0b0ed7b.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
1b8daf3e4c9c5407447c3c96e0b0ed7b
-
Score
10/10
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-