metamorpherrat | 40f25d5d2ea7b8e72d867db4e517ba16107f58c9e94cb67b6689771d4e3eab0d | Triage

Sharing

General

Target

d67d7c0e9f1e099f03b137e5d611e1c0N.exe
Size

78KB
Sample

240803-z2askavgrn
MD5

d67d7c0e9f1e099f03b137e5d611e1c0
SHA1

50ecf6d2f689eb139bc4ada37e0fd381c689711d
SHA256

40f25d5d2ea7b8e72d867db4e517ba16107f58c9e94cb67b6689771d4e3eab0d
SHA512

6b1e49a108831c8a34be9c44e4111c9e33aa872bbdcf5afe92c9dfe49ce4025b45209ff96356c95608ea929d713912dcd0bd087ee242b681d00d61c1ae042798
SSDEEP

1536:TcV5jSxAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qti6d9/u1W6:QV5jSxAtWDDILJLovbicqOq3o+nl9/2

Score

10^/10

metamorpherrat discovery persistence rat stealer trojan

Malware Config

Targets

- Target
  
  d67d7c0e9f1e099f03b137e5d611e1c0N.exe
- Size
  
  78KB
- MD5
  
  d67d7c0e9f1e099f03b137e5d611e1c0
- SHA1
  
  50ecf6d2f689eb139bc4ada37e0fd381c689711d
- SHA256
  
  40f25d5d2ea7b8e72d867db4e517ba16107f58c9e94cb67b6689771d4e3eab0d
- SHA512
  
  6b1e49a108831c8a34be9c44e4111c9e33aa872bbdcf5afe92c9dfe49ce4025b45209ff96356c95608ea929d713912dcd0bd087ee242b681d00d61c1ae042798
- SSDEEP
  
  1536:TcV5jSxAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qti6d9/u1W6:QV5jSxAtWDDILJLovbicqOq3o+nl9/2
Score

10^/10

metamorpherrat discovery persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metamorpherratdiscoverypersistenceratstealertrojan

behavioral2

metamorpherratdiscoverypersistenceratstealertrojan