General
-
Target
4a3a462f29747271c6ff2f0f08d26a60N.exe
-
Size
78KB
-
Sample
240806-c9hf2sxcnk
-
MD5
4a3a462f29747271c6ff2f0f08d26a60
-
SHA1
7c00e71ce3192a40cb8df94984811ffb13b7e59a
-
SHA256
12bdda0dea5e73774c7c5ece80c135042386af4dc7bb84e50f71b467cedfde7d
-
SHA512
af01ceb84c233d28a36c51593d53fb10341db0673329137a134fb426d59b3e98c1049be81810fc888b68c116ecd32b7d62bda75ef0d9d7f82f009e9efc7a13a0
-
SSDEEP
1536:He5sdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtN6z9/NU10m:He5bn7N041QqhgI9/Ny
Malware Config
Targets
-
-
Target
4a3a462f29747271c6ff2f0f08d26a60N.exe
-
Size
78KB
-
MD5
4a3a462f29747271c6ff2f0f08d26a60
-
SHA1
7c00e71ce3192a40cb8df94984811ffb13b7e59a
-
SHA256
12bdda0dea5e73774c7c5ece80c135042386af4dc7bb84e50f71b467cedfde7d
-
SHA512
af01ceb84c233d28a36c51593d53fb10341db0673329137a134fb426d59b3e98c1049be81810fc888b68c116ecd32b7d62bda75ef0d9d7f82f009e9efc7a13a0
-
SSDEEP
1536:He5sdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtN6z9/NU10m:He5bn7N041QqhgI9/Ny
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-