General
-
Target
ea9bd0e0af93469d88b0be36fd78a2db_JaffaCakes118
-
Size
78KB
-
Sample
240410-jwprjagh67
-
MD5
ea9bd0e0af93469d88b0be36fd78a2db
-
SHA1
f05b628a9f8fe87f4eb5b2c1db6cb13df9ed50dc
-
SHA256
6013b8df312752922c449e0977753efceca566b1030f9904663cb7220f10f4ae
-
SHA512
affd76ca4d44ad95f878df0f3dda7857b4bd6b727e3dcb19ccd20c26e89fd09477ecbf3231e4cb2e400295977b0256c76c54dcd71c58cfb72546c50228c7b76b
-
SSDEEP
1536:GhRWV58wXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQt96U9/lf1/P:CRWV58oSyRxvY3md+dWWZyH9/D
Static task
static1
Behavioral task
behavioral1
Sample
ea9bd0e0af93469d88b0be36fd78a2db_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
ea9bd0e0af93469d88b0be36fd78a2db_JaffaCakes118.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
ea9bd0e0af93469d88b0be36fd78a2db_JaffaCakes118
-
Size
78KB
-
MD5
ea9bd0e0af93469d88b0be36fd78a2db
-
SHA1
f05b628a9f8fe87f4eb5b2c1db6cb13df9ed50dc
-
SHA256
6013b8df312752922c449e0977753efceca566b1030f9904663cb7220f10f4ae
-
SHA512
affd76ca4d44ad95f878df0f3dda7857b4bd6b727e3dcb19ccd20c26e89fd09477ecbf3231e4cb2e400295977b0256c76c54dcd71c58cfb72546c50228c7b76b
-
SSDEEP
1536:GhRWV58wXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQt96U9/lf1/P:CRWV58oSyRxvY3md+dWWZyH9/D
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-