General
-
Target
fc0ada1226b3666b5875cf6c4cbe07d8_JaffaCakes118
-
Size
78KB
-
Sample
240420-gbxkjahh36
-
MD5
fc0ada1226b3666b5875cf6c4cbe07d8
-
SHA1
7404925277988f1ffab7a2bf9400d51a837923ea
-
SHA256
a631d8a8d5d3821bfd0da928365f7b7bb4921461652c5a5b2c406e61f9c23a62
-
SHA512
e87923f1ba24d9f646bfaf1ca01e7e66174defdde0d4ce2b65da23e78f59a9cc9492626cc25dc5440b9c51c47ad33aaaf37c5a98dc74062925d6169e1ed68807
-
SSDEEP
1536:75jidy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC6h9/V166:75j9n7N041Qqhg59/9
Static task
static1
Behavioral task
behavioral1
Sample
fc0ada1226b3666b5875cf6c4cbe07d8_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
fc0ada1226b3666b5875cf6c4cbe07d8_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
fc0ada1226b3666b5875cf6c4cbe07d8_JaffaCakes118
-
Score
10/10
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-