General
-
Target
266e13488f21ba0896e8fb1ca3a95a500fbb0404d9e105ff0b18ed8705cfaf6b
-
Size
78KB
-
Sample
240810-yf8a9svdpq
-
MD5
e75c70a4ed3f4f87dc148a69ad362144
-
SHA1
495a389e7880ac5c1f2ba243f5b3842556039f9a
-
SHA256
266e13488f21ba0896e8fb1ca3a95a500fbb0404d9e105ff0b18ed8705cfaf6b
-
SHA512
8524ad5d54283c7181c1704d7b268eb1f3571051f284cf98bf4b89ea90dc26c4143308c8eeabcb3957d8337a62983f662c408eff47ddfa48927349b43cdf526e
-
SSDEEP
1536:cPCHY6638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtQ9/512A:cPCHY53Ln7N041QqhgQ9/T
Malware Config
Targets
-
-
Target
266e13488f21ba0896e8fb1ca3a95a500fbb0404d9e105ff0b18ed8705cfaf6b
-
Size
78KB
-
MD5
e75c70a4ed3f4f87dc148a69ad362144
-
SHA1
495a389e7880ac5c1f2ba243f5b3842556039f9a
-
SHA256
266e13488f21ba0896e8fb1ca3a95a500fbb0404d9e105ff0b18ed8705cfaf6b
-
SHA512
8524ad5d54283c7181c1704d7b268eb1f3571051f284cf98bf4b89ea90dc26c4143308c8eeabcb3957d8337a62983f662c408eff47ddfa48927349b43cdf526e
-
SSDEEP
1536:cPCHY6638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtQ9/512A:cPCHY53Ln7N041QqhgQ9/T
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-