General
Target: fcefb211e318d701bcec407393ce85f4_JaffaCakes118
Size: 78KB
Sample: 240420-rg8vvsac98
MD5: fcefb211e318d701bcec407393ce85f4
SHA1: 341535bfce9489d94cb968e130642de6926f8f59
SHA256: ede02f6d37500c94fd48d0489f053f1de069080af87c37b61ed94d0073695e77
SHA512: a29b06ddad664c5399ffa254c3f4b81aa54ae1a92434968f6906dcc6bd63132773e840c18795b4ebbf653a05d1154766be4ef61ad05829a7fa63f9ef8b28d375
SSDEEP: 1536:dPWV58Tdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC6kM9/f150:dPWV58yn7N041QqhgR9/s
Static task: static1
Behavioral task: behavioral1
Sample: fcefb211e318d701bcec407393ce85f4_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fcefb211e318d701bcec407393ce85f4_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Score: 10/10

MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Deletes itself

Executes dropped EXE

Loads dropped DLL

Uses the VBS compiler for execution

Adds Run key to start application