General

  • Target

    70538328a6227ae9f7e2015bf4268961bf8a1b8ad5e70ff9183289d381271093.exe

  • Size

    78KB

  • Sample

    240907-br81lsxhra

  • MD5

    dac24be555c602c80489941360a2810f

  • SHA1

    e4e283e68ace2e3282a1eb87f9692a0c4020a3b9

  • SHA256

    70538328a6227ae9f7e2015bf4268961bf8a1b8ad5e70ff9183289d381271093

  • SHA512

    3447c46f54c26c05cd8e3bd0b89a5ed1534430c2bf2466a8355e043abe01747c2bd21ff3eb0a449df29354ba87905848cd89e8e16fcc995a328a68a038282504

  • SSDEEP

    1536:BcuHFo6uaJtZAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9QtLo9/E5:SuHFoI3ZAtWDDILJLovbicqOq3o+nLoO

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
