General
-
Target
047e2b220274efec3654b82f56552676_JaffaCakes118
-
Size
78KB
-
Sample
240728-bh9wjsyhjl
-
MD5
047e2b220274efec3654b82f56552676
-
SHA1
3df7a72f37c4ad0b94ecfa4e83071cbcd6271235
-
SHA256
712561619bc576935f48a174bdc630cd1d08348714551c1edc1ac11578f2307a
-
SHA512
7d3b0897b4be725ede778dd16f682a6886773a9eddc1847dfbd5ef177a8a627bf9c0d00acf83d0367c44a702ba8587708fdcef41b72628a6c1df6569b98a1b07
-
SSDEEP
1536:pe58Ndy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQt961F9/Z1L4:pe58Yn7N041QqhgGF9/Q
Malware Config
Targets
-
-
Target
047e2b220274efec3654b82f56552676_JaffaCakes118
-
Size
78KB
-
MD5
047e2b220274efec3654b82f56552676
-
SHA1
3df7a72f37c4ad0b94ecfa4e83071cbcd6271235
-
SHA256
712561619bc576935f48a174bdc630cd1d08348714551c1edc1ac11578f2307a
-
SHA512
7d3b0897b4be725ede778dd16f682a6886773a9eddc1847dfbd5ef177a8a627bf9c0d00acf83d0367c44a702ba8587708fdcef41b72628a6c1df6569b98a1b07
-
SSDEEP
1536:pe58Ndy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQt961F9/Z1L4:pe58Yn7N041QqhgGF9/Q
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-