General
-
Target
30b270cbfc01561a19349c4c0e3277f0N.exe
-
Size
78KB
-
Sample
240805-b2zjxstaql
-
MD5
30b270cbfc01561a19349c4c0e3277f0
-
SHA1
e6b596ca425810138cd0da4614acf6f3104fa08b
-
SHA256
55a0c071029e65d49286fab94770b1ac56e052da3084765c05a0f3478a36a82a
-
SHA512
a9045f172acdf89f08709de5e01161136969f5e0f36704696588a2bd1ac33ccb1e8121aafbf1e3527caa1c702bc0e3217f9cdcc1d6c80ba009863b4b8349b2ee
-
SSDEEP
1536:Ke5sdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC6v9/vO1zg:Ke5bn7N041QqhgX9/v7
Malware Config
Targets
-
-
Target
30b270cbfc01561a19349c4c0e3277f0N.exe
-
Size
78KB
-
MD5
30b270cbfc01561a19349c4c0e3277f0
-
SHA1
e6b596ca425810138cd0da4614acf6f3104fa08b
-
SHA256
55a0c071029e65d49286fab94770b1ac56e052da3084765c05a0f3478a36a82a
-
SHA512
a9045f172acdf89f08709de5e01161136969f5e0f36704696588a2bd1ac33ccb1e8121aafbf1e3527caa1c702bc0e3217f9cdcc1d6c80ba009863b4b8349b2ee
-
SSDEEP
1536:Ke5sdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC6v9/vO1zg:Ke5bn7N041QqhgX9/v7
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-