General
-
Target
8f61a1c10ed39950b1c298df27248c10N.exe
-
Size
78KB
-
Sample
240821-d985fayckf
-
MD5
8f61a1c10ed39950b1c298df27248c10
-
SHA1
1c739a6d28d216be22da7c328850aedcffcc4116
-
SHA256
926e5aef8389b22a790ef4faa892a12519f733ef63c4779ce616221bee6d9380
-
SHA512
6f38b1d871dd6d26acc0969230eff84664ae154acc5fafa4594aec2088431bbf69e2fcb6268212f3ced392577ab0455fbd9287331b1dadb39c36d431de3d6ff8
-
SSDEEP
1536:AcRWtHF3uaJtZAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9QtL+9/U:rRWtHFP3ZAtWDDILJLovbicqOq3o+nLN
Malware Config
Targets
-
-
Target
8f61a1c10ed39950b1c298df27248c10N.exe
-
Size
78KB
-
MD5
8f61a1c10ed39950b1c298df27248c10
-
SHA1
1c739a6d28d216be22da7c328850aedcffcc4116
-
SHA256
926e5aef8389b22a790ef4faa892a12519f733ef63c4779ce616221bee6d9380
-
SHA512
6f38b1d871dd6d26acc0969230eff84664ae154acc5fafa4594aec2088431bbf69e2fcb6268212f3ced392577ab0455fbd9287331b1dadb39c36d431de3d6ff8
-
SSDEEP
1536:AcRWtHF3uaJtZAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9QtL+9/U:rRWtHFP3ZAtWDDILJLovbicqOq3o+nLN
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-