General
-
Target
eaf88d8f3148eece8a85cca78708dcf3_JaffaCakes118
-
Size
78KB
-
Sample
240410-nqlj5shc8t
-
MD5
eaf88d8f3148eece8a85cca78708dcf3
-
SHA1
fc4d19b19292ead489c157499f908c69195d25d4
-
SHA256
32ba87d4987f721018ceaa578714d7231ef4b7e3ca55e3b052845070b410a9eb
-
SHA512
fc4b716ee9b9bbca56103163c4f1bf3d1fc70bfed2d3c3f6fd7b99593bff5e40f68a295cd9af28e022351bbbd47db93fcc1800115c17a5246d58a8c73a54f081
-
SSDEEP
1536:VWV5jSEdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC6S9/gh1Ry:VWV5jSzn7N041Qqhg69/3
Static task
static1
Behavioral task
behavioral1
Sample
eaf88d8f3148eece8a85cca78708dcf3_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
eaf88d8f3148eece8a85cca78708dcf3_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
eaf88d8f3148eece8a85cca78708dcf3_JaffaCakes118
-
Score
10/10
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-