General
-
Target
21d2a1a105d1732a7455269f4d82c45957fab4745744dab6c58fd7a20fac0fca
-
Size
78KB
-
Sample
240706-x94dqstdpd
-
MD5
e0a1f6e620c7a54da76ac0dcfefeaff7
-
SHA1
0ae77a558dd7298cc72eff664880e1da94bd211a
-
SHA256
21d2a1a105d1732a7455269f4d82c45957fab4745744dab6c58fd7a20fac0fca
-
SHA512
c85cd1a1a6f1d6d72246d252ad65253898a863c3d711b1157db683ef7716a8add64ec6304810825c6406dfddf88ce420d42f0de75c3c8fec2bf923746e2389c9
-
SSDEEP
1536:NPCHY6M3xXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQt09/t1US:NPCHYn3xSyRxvY3md+dWWZy09/v
Malware Config
Targets
-
-
Target
21d2a1a105d1732a7455269f4d82c45957fab4745744dab6c58fd7a20fac0fca
-
Size
78KB
-
MD5
e0a1f6e620c7a54da76ac0dcfefeaff7
-
SHA1
0ae77a558dd7298cc72eff664880e1da94bd211a
-
SHA256
21d2a1a105d1732a7455269f4d82c45957fab4745744dab6c58fd7a20fac0fca
-
SHA512
c85cd1a1a6f1d6d72246d252ad65253898a863c3d711b1157db683ef7716a8add64ec6304810825c6406dfddf88ce420d42f0de75c3c8fec2bf923746e2389c9
-
SSDEEP
1536:NPCHY6M3xXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQt09/t1US:NPCHYn3xSyRxvY3md+dWWZy09/v
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-