General

  • Target

    f0ae24aa9110209578188ee9f1a5ed20N.exe

  • Size

    78KB

  • Sample

    240905-fjn3patarp

  • MD5

    f0ae24aa9110209578188ee9f1a5ed20

  • SHA1

    57fb9bbf9c185ea36b443050b5124935b8437a88

  • SHA256

    f8a012604c586848e485035eb3d63fa77158196807d8754fcab190eca89aaec4

  • SHA512

    15b9ea6bdc9e524c59aed4a46c118df9f063a6695cd0811b9ebd9cc5f82f1f4108f74c3c43b1d47b1b3f5404a1c8e9106f53fe7bfd0d0242cf65e90ce30193ae

  • SSDEEP

    1536:058VXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQt961w9/y1XD:058VSyRxvhTzXPvCbW2UGw9/s

Targets

    • Target

      f0ae24aa9110209578188ee9f1a5ed20N.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
