General

  • Target

    1a0a1539820a23327d3cdbee1633fe90N.exe

  • Size

    78KB

  • Sample

    240827-mte14awhne

  • MD5

    1a0a1539820a23327d3cdbee1633fe90

  • SHA1

    be9c3aef5ac7748493ad136dfc35755ceacda190

  • SHA256

    531d9c984d1e240886d9ff486ea9be81f9b68068eb2c81d9769a702e2636eb22

  • SHA512

    b387ae9655630a3dd255c3ec64fd64d87f2d9e0dfef40c1f907a0a98e746ad415a59ef90204d83a0823f35ef28af287c44658a994da248736b2c6ca8ee3858a2

  • SSDEEP

    1536:oBy5sAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qti669/51x5:ay5sAtWDDILJLovbicqOq3o+ni9/b

Targets

    • Target

      1a0a1539820a23327d3cdbee1633fe90N.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
