General
-
Target
daf90052fe5fd7a81d930e5020b5b3436a08be7b65d836dcbedb59249108f07e
-
Size
78KB
-
Sample
240910-dcf3dsvejf
-
MD5
3eaa57246d006fbaca448ac1b236849a
-
SHA1
f2a6dd57973db30f3621ecf6dd8eacdffad61aef
-
SHA256
daf90052fe5fd7a81d930e5020b5b3436a08be7b65d836dcbedb59249108f07e
-
SHA512
373975a3d6f8d6aac5f223f0966648b93a0e0a871c258e3c13b7e14965854ce90736880b3739790e8322abc2bc01614565f167b768df8411c7ae306e18c0358b
-
SSDEEP
1536:pWV5jSJXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtN6o9/c1Nk:pWV5jS5SyRxvhTzXPvCbW2U/9/r
Static task
static1
Behavioral task
behavioral1
Sample
daf90052fe5fd7a81d930e5020b5b3436a08be7b65d836dcbedb59249108f07e.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
daf90052fe5fd7a81d930e5020b5b3436a08be7b65d836dcbedb59249108f07e.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
daf90052fe5fd7a81d930e5020b5b3436a08be7b65d836dcbedb59249108f07e
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-