General
-
Target
b8793caba27d0eaab94758c378efe000N.exe
-
Size
78KB
-
Sample
240910-xk173s1aqc
-
MD5
b8793caba27d0eaab94758c378efe000
-
SHA1
737051e456217e8a4449bdeaba2432fdee839012
-
SHA256
dda190817a878208465944ffc20bba4106d7f1e79231b38804f6b0ab04e45e02
-
SHA512
b33828c38210216c131a43ccda2541abe483902c00f7f546c9cff6996cc65e6dcac51b822211bc30337a5d7555472c15deaf25cfc9cea5c37d8c30d6d1aaec7a
-
SSDEEP
1536:6y5j5dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtN6MM9/f1LI:6y5jkn7N041QqhgA9/C
Malware Config
Targets
-
-
Target
b8793caba27d0eaab94758c378efe000N.exe
-
Size
78KB
-
MD5
b8793caba27d0eaab94758c378efe000
-
SHA1
737051e456217e8a4449bdeaba2432fdee839012
-
SHA256
dda190817a878208465944ffc20bba4106d7f1e79231b38804f6b0ab04e45e02
-
SHA512
b33828c38210216c131a43ccda2541abe483902c00f7f546c9cff6996cc65e6dcac51b822211bc30337a5d7555472c15deaf25cfc9cea5c37d8c30d6d1aaec7a
-
SSDEEP
1536:6y5j5dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtN6MM9/f1LI:6y5jkn7N041QqhgA9/C
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-