General

  • Target

    5719748037381e8e8318719428cc0c70N.exe

  • Size

    78KB

  • Sample

    240827-weelfsvcmk

  • MD5

    5719748037381e8e8318719428cc0c70

  • SHA1

    09ae34b42d87a59e917578a28f8cc75849ae4f65

  • SHA256

    e38299e07fd69de10372de077cafd2761c5522eb8670e75c94654cca3dbc208c

  • SHA512

    9a150ed0f1011ac34be24877f459de2a6fc3b14e0b0b142f7e96ab66b194676f08a8aff3d60f1ba3b54abb68cd7d7e4941c684f011fa5b186770e94ad20cb2fc

  • SSDEEP

    1536:jPCHFo6M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQt59/q1vq:jPCHFonhASyRxvhTzXPvCbW2U59/9

Targets

    • Target

      5719748037381e8e8318719428cc0c70N.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
