General
-
Target
2ebeac34a7af86724e3019dc654e4750N.exe
-
Size
78KB
-
Sample
240709-ghsvxsyelp
-
MD5
2ebeac34a7af86724e3019dc654e4750
-
SHA1
68b61f7f69596bf273fda1b0a996892ca13b66b9
-
SHA256
61d4a051fff9d614d8c41d64c4a8662189a234fab5b6ff52269a6705d1b6632d
-
SHA512
8f958e929f215c7ed04756b632595a95f92db8c3b01ab9e72b550cb48c180a247935a16d6f4f32e9275b50084210833bff1159a9d17d85dee553b093bd51d73f
-
SSDEEP
1536:fPWV5jIXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtN6P9/p1XH:fPWV5jQSyRxvhTzXPvCbW2UI9/z
Malware Config
Targets
-
-
Target
2ebeac34a7af86724e3019dc654e4750N.exe
-
Size
78KB
-
MD5
2ebeac34a7af86724e3019dc654e4750
-
SHA1
68b61f7f69596bf273fda1b0a996892ca13b66b9
-
SHA256
61d4a051fff9d614d8c41d64c4a8662189a234fab5b6ff52269a6705d1b6632d
-
SHA512
8f958e929f215c7ed04756b632595a95f92db8c3b01ab9e72b550cb48c180a247935a16d6f4f32e9275b50084210833bff1159a9d17d85dee553b093bd51d73f
-
SSDEEP
1536:fPWV5jIXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtN6P9/p1XH:fPWV5jQSyRxvhTzXPvCbW2UI9/z
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-