General

  • Target

    a99428a2340d6a274d3fa3be5c53b870N

  • Size

    78KB

  • Sample

    240911-2fxfjsxarh

  • MD5

    a99428a2340d6a274d3fa3be5c53b870

  • SHA1

    896cd00194e26b3812fce80ec8673f12cc6227ce

  • SHA256

    b68860942863ceebe7a1b3a57856604e544d83f266ad0bea3dacf3bc7d74314d

  • SHA512

    b615535267f210cdaff56f4adce27f63e467bbd78fcaab8c5264daf3c199669137565b1c39b94837ccf6614723704551a606f27896a46ea1fece32a5ffbd332a

  • SSDEEP

    1536:9Oc5jSbvZv0kH9gDDtWzYCnJPeoYrGQtN6H9/CBB1D7:Yc5jSbl0Y9MDYrm7c9/CBL

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
