Overview

overview

10

Static

static

3

a0f7b6176e...0N.exe

windows7-x64

10

a0f7b6176e...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a0f7b6176efdcc6a2bb9f90c3d58d3e0N.exe

  • Size

    78KB

  • Sample

    240806-n8ymesydkq

  • MD5

    a0f7b6176efdcc6a2bb9f90c3d58d3e0

  • SHA1

    466310f896964576dc10a1e9d8a1b9b1cad393d1

  • SHA256

    9ce97c2d25839e5800d080d886994eabfc3d9027e5d9c04549b3ebf3e09ad190

  • SHA512

    3afccc80ff20f23e8b29114bd43c797159fca92c980be55105d74acba4f748d0a01a53af4f6914ec61cec6fbf91014c31728e838a7feaf961f0cf9a3a00b603c

  • SSDEEP

    1536:x4HH638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtY9/911b:SHa3Ln7N041QqhgY9/F

Score
10/10
metamorpherratdiscoverypersistenceratstealertrojan

Malware Config

Targets

    • Target

      a0f7b6176efdcc6a2bb9f90c3d58d3e0N.exe

    • Size

      78KB

    • MD5

      a0f7b6176efdcc6a2bb9f90c3d58d3e0

    • SHA1

      466310f896964576dc10a1e9d8a1b9b1cad393d1

    • SHA256

      9ce97c2d25839e5800d080d886994eabfc3d9027e5d9c04549b3ebf3e09ad190

    • SHA512

      3afccc80ff20f23e8b29114bd43c797159fca92c980be55105d74acba4f748d0a01a53af4f6914ec61cec6fbf91014c31728e838a7feaf961f0cf9a3a00b603c

    • SSDEEP

      1536:x4HH638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtY9/911b:SHa3Ln7N041QqhgY9/F

    Score
    10/10
    metamorpherratdiscoverypersistenceratstealertrojan

    • MetamorpherRAT

      Metamorpherrat is a hacking tool that has been around for a while since 2013.

      trojanratstealermetamorpherrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks