General
-
Target
4607aabb6e54b7279cef034c033631d0N
-
Size
78KB
-
Sample
240908-r5w6za1hql
-
MD5
4607aabb6e54b7279cef034c033631d0
-
SHA1
3c31a2e12ff26e8a1a45d99f8e02feeeeb013bbf
-
SHA256
54af753863d5a910ec6c0c8c24841b77cf521e87e6a7e032a9ee06e37472e97b
-
SHA512
1251868c0f9a630ffb06458ab7943224dce4d55a118a1a4a626294e3f759433f5ad83e84652f2897e41081ee5a3abf3895c507ff2133551fc2b6c70d0117180b
-
SSDEEP
1536:nHY6M7t/vZv0kH9gDDtWzYCnJPeoYrGQtRY9/541hq:nHYnh/l0Y9MDYrm7RY9/r
Malware Config
Targets
-
-
Target
4607aabb6e54b7279cef034c033631d0N
-
Size
78KB
-
MD5
4607aabb6e54b7279cef034c033631d0
-
SHA1
3c31a2e12ff26e8a1a45d99f8e02feeeeb013bbf
-
SHA256
54af753863d5a910ec6c0c8c24841b77cf521e87e6a7e032a9ee06e37472e97b
-
SHA512
1251868c0f9a630ffb06458ab7943224dce4d55a118a1a4a626294e3f759433f5ad83e84652f2897e41081ee5a3abf3895c507ff2133551fc2b6c70d0117180b
-
SSDEEP
1536:nHY6M7t/vZv0kH9gDDtWzYCnJPeoYrGQtRY9/541hq:nHYnh/l0Y9MDYrm7RY9/r
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-