General
-
Target
86d557db8f452fab4a25c34073830c90N
-
Size
78KB
-
Sample
240911-zz4ymatakp
-
MD5
86d557db8f452fab4a25c34073830c90
-
SHA1
b027cc815c1fdf844d25fadf2a71402569eb9388
-
SHA256
83d1cbc1a21867cbe377c1f2cb7cacbab6603bf729b47633f5253093bca56f3d
-
SHA512
9b6cb8bde62f2eb88dede40657ac9e66c2a816ff53a7f7233d991a7435792bad387d127142115d9550deef08355c04c546567e59cf5deea8c96f4411586a95c7
-
SSDEEP
1536:X5jSAXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtN6D9/GO1UT:X5jS4SyRxvhTzXPvCbW2UU9/u
Malware Config
Targets
-
-
Target
86d557db8f452fab4a25c34073830c90N
-
Size
78KB
-
MD5
86d557db8f452fab4a25c34073830c90
-
SHA1
b027cc815c1fdf844d25fadf2a71402569eb9388
-
SHA256
83d1cbc1a21867cbe377c1f2cb7cacbab6603bf729b47633f5253093bca56f3d
-
SHA512
9b6cb8bde62f2eb88dede40657ac9e66c2a816ff53a7f7233d991a7435792bad387d127142115d9550deef08355c04c546567e59cf5deea8c96f4411586a95c7
-
SSDEEP
1536:X5jSAXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtN6D9/GO1UT:X5jS4SyRxvhTzXPvCbW2UU9/u
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-