General
-
Target
1c010fcc6d1e9cc2f29cc67345f28a20N.exe
-
Size
78KB
-
Sample
240816-1f7e3ssbrr
-
MD5
1c010fcc6d1e9cc2f29cc67345f28a20
-
SHA1
42ee3e16500fe9b861419927d594f80d2954bca8
-
SHA256
1ffb470959c5209c6fb498a76801ea8094a045d99b9d279f70c9fa0cbd3ccdb0
-
SHA512
7faf1bed844c5291d4c0dcc9040119afda8d6b4a64a63e13deb502f9485f6a57e5537c7f513b00208d686701a6a404746935f516394a0b91e0de75ca4da23db9
-
SSDEEP
1536:qRCHF3M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtRU9/E1a/:qRCHF8hASyRxvhTzXPvCbW2URU9/Z
Malware Config
Targets
-
-
Target
1c010fcc6d1e9cc2f29cc67345f28a20N.exe
-
Size
78KB
-
MD5
1c010fcc6d1e9cc2f29cc67345f28a20
-
SHA1
42ee3e16500fe9b861419927d594f80d2954bca8
-
SHA256
1ffb470959c5209c6fb498a76801ea8094a045d99b9d279f70c9fa0cbd3ccdb0
-
SHA512
7faf1bed844c5291d4c0dcc9040119afda8d6b4a64a63e13deb502f9485f6a57e5537c7f513b00208d686701a6a404746935f516394a0b91e0de75ca4da23db9
-
SSDEEP
1536:qRCHF3M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtRU9/E1a/:qRCHF8hASyRxvhTzXPvCbW2URU9/Z
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-