General
-
Target
24e9ece5a3b3447b96413b16bfcbb5e5a52bd02cd56ae02310bcbfbba66f77b7
-
Size
78KB
-
Sample
240910-ylnh2ssblk
-
MD5
5527c7cae265aa10d46b095b8fdacefd
-
SHA1
752540b656b0d0dbd79042b0d0b10a538612e89a
-
SHA256
24e9ece5a3b3447b96413b16bfcbb5e5a52bd02cd56ae02310bcbfbba66f77b7
-
SHA512
03db42a5a421ae5e8bb3961e4e548be9612c312e777a9fe1e92fb6f4c6d19748bbb93a49da962a71ff7c93ccbda13c904d5ce93cc6c5de3579f58111a6db7723
-
SSDEEP
1536:5X4V58WAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qti6m9/N1n1:h4V58WAtWDDILJLovbicqOq3o+nO9/V
Malware Config
Targets
-
-
Target
24e9ece5a3b3447b96413b16bfcbb5e5a52bd02cd56ae02310bcbfbba66f77b7
-
Size
78KB
-
MD5
5527c7cae265aa10d46b095b8fdacefd
-
SHA1
752540b656b0d0dbd79042b0d0b10a538612e89a
-
SHA256
24e9ece5a3b3447b96413b16bfcbb5e5a52bd02cd56ae02310bcbfbba66f77b7
-
SHA512
03db42a5a421ae5e8bb3961e4e548be9612c312e777a9fe1e92fb6f4c6d19748bbb93a49da962a71ff7c93ccbda13c904d5ce93cc6c5de3579f58111a6db7723
-
SSDEEP
1536:5X4V58WAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qti6m9/N1n1:h4V58WAtWDDILJLovbicqOq3o+nO9/V
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-