General

  • Target

    b3730424ad591633e0c57b72b99609f0N

  • Size

    78KB

  • Sample

    240913-aaawtasflm

  • MD5

    b3730424ad591633e0c57b72b99609f0

  • SHA1

    449e56dcbeabfe045c5bdb820ac8c3ce50a25a75

  • SHA256

    0092345c9172b7d0d862ff4489896e409f93e50839841147908fa4da949cd0d6

  • SHA512

    4549086907d60718c19074a31d1bba2231e342c729fff8b8bb041bf439db5d39f42a31aa6a2e80fa3f5f9f3018eb6bbb26136d319cdb5b71883686c2ee2a5ecf

  • SSDEEP

    1536:zVPy5jSIAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qtd609/S1sN:BPy5jSIAtWDDILJLovbicqOq3o+nT9/j

Targets

    • Target

      b3730424ad591633e0c57b72b99609f0N

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
