General
-
Target
29f9b680505b0abf1f09b72d6537cc30N.exe
-
Size
78KB
-
Sample
240831-vmy5dsvgjd
-
MD5
29f9b680505b0abf1f09b72d6537cc30
-
SHA1
733878d7d19ca0f5c93e70005284da811fdcf5a2
-
SHA256
f6950aa2608d44af4e9ab8a77b3cd2b10b1a538f40130e651733bb49b09d8f70
-
SHA512
fa8cdbeb33518a908c039270a6b71b2d42f235d7b334f4339a0570d0ffa8d45cc0d6dc0380cfdc14df43ad7e9c3f69fed8a65d522adca4ee91b91f959a412185
-
SSDEEP
1536:4tHFo6638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtq9/o19N:4tHFo53Ln7N041Qqhgq9/2
Malware Config
Targets
-
-
Target
29f9b680505b0abf1f09b72d6537cc30N.exe
-
Size
78KB
-
MD5
29f9b680505b0abf1f09b72d6537cc30
-
SHA1
733878d7d19ca0f5c93e70005284da811fdcf5a2
-
SHA256
f6950aa2608d44af4e9ab8a77b3cd2b10b1a538f40130e651733bb49b09d8f70
-
SHA512
fa8cdbeb33518a908c039270a6b71b2d42f235d7b334f4339a0570d0ffa8d45cc0d6dc0380cfdc14df43ad7e9c3f69fed8a65d522adca4ee91b91f959a412185
-
SSDEEP
1536:4tHFo6638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtq9/o19N:4tHFo53Ln7N041Qqhgq9/2
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-