General

  • Target

    f8d567f77cb240cd91dd98a903e4a8e0N

  • Size

    78KB

  • Sample

    240827-d1jhessemp

  • MD5

    f8d567f77cb240cd91dd98a903e4a8e0

  • SHA1

    6f2e53eca8362dc1320defb169b106ecf29fd1f2

  • SHA256

    ad7aee0f76b855bc8f5ce8f50238f3626e702876b66f7b7cd86e78568b004e7c

  • SHA512

    5577fa78bbf45336f555d1b723e9513b424827bed7d3cdc018af4650687769e4a019afa51594ad48aa8eecb32b1f7b9678f498b3fdd1dcc31e070776c4814fd6

  • SSDEEP

    1536:iOe5RvZv0kH9gDDtWzYCnJPeoYrGQtC6s9/AO1sP:Je5Rl0Y9MDYrm7k9/A9

Malware Config

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks