General
-
Target
d789b1da3f7db1631d15869a3276f1a0N.exe
-
Size
78KB
-
Sample
240904-q2hcza1dlj
-
MD5
d789b1da3f7db1631d15869a3276f1a0
-
SHA1
db729847643ba46de490febb86c23562760fcf4a
-
SHA256
9491308a300ba9109bbcfeda7eb43523c6baa303aac29388a4e094389335f5d9
-
SHA512
903496b187f59e1a8f3ad526353290773d91b107ef81a53d059fd3dd5def08d3edabf4711d1833cf74b0779650f50fd01ed12b9f9bed50c11c8865b0fe2ff082
-
SSDEEP
1536:7ouHY6uaJtZAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9QtMT9/elB:8uHYI3ZAtWDDILJLovbicqOq3o+nMT9c
Malware Config
Targets
-
-
Target
d789b1da3f7db1631d15869a3276f1a0N.exe
-
Size
78KB
-
MD5
d789b1da3f7db1631d15869a3276f1a0
-
SHA1
db729847643ba46de490febb86c23562760fcf4a
-
SHA256
9491308a300ba9109bbcfeda7eb43523c6baa303aac29388a4e094389335f5d9
-
SHA512
903496b187f59e1a8f3ad526353290773d91b107ef81a53d059fd3dd5def08d3edabf4711d1833cf74b0779650f50fd01ed12b9f9bed50c11c8865b0fe2ff082
-
SSDEEP
1536:7ouHY6uaJtZAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9QtMT9/elB:8uHYI3ZAtWDDILJLovbicqOq3o+nMT9c
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-