General

  • Target

    5fc07da9ed16a8394b3326ff67d7e970N.exe

  • Size

    78KB

  • Sample

    240823-tx4xysxdqr

  • MD5

    5fc07da9ed16a8394b3326ff67d7e970

  • SHA1

    65cc35a7281c57d2981ed8aa8adda28f1ee8e6ba

  • SHA256

    6dc87ffc3a8e23f9a4f45d4099aff33f01a0b79f958428531eb9dd7603b9e602

  • SHA512

    afc54f9fee248376f719306b38b3f3c18674fe81faef3a1650e38b9bdcf10a501e8fcdcdab77c3199eea4eb6e0f9a8afdd16c8ca746fdfeb53d50640e259145c

  • SSDEEP

    1536:+e5kdy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQty6Zt9/u1Kn:+e5Tn7N041Qqhgf9/X

Targets

    • Target

      5fc07da9ed16a8394b3326ff67d7e970N.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
